As you would have likely heard in the media in this week, one of Australia’s largest telecommunications companies, Optus, has been the subject of likely Australia’s largest data breach to date.
It has been advised that details of current and former customers of Optus may have been exposed, including names, date of birth, email addresses and identification numbers (such as drivers licence, passport and Medicare numbers).
Initially, the hacker released approximately 12 000 records along with a ransom demand for $1 million. Then, in an abrupt about face, the hacker promised not to release any further records. It is possible that the hacker still has the other records that have not been released.
It has also emerged that even previous Optus customers have been impacted, so even if you no longer use Optus services you may be at risk.
In this case, it understood Optus’ actual services, including mobile, internet and wireless networks were not affected, so they advised no passwords were compromised.
To protect yourself, please be careful by:
- Regularly check your online accounts, especially your bank accounts for any suspicious transactions.
- Being wary of scammers who may attempt to contact you who have gained access to your information, using the information they have learned to possibly seek further information or request payment.
- If someone contacts you claiming to be from Optus, also be vigilant especially over phone and email messages which may be used phishing scams.
For additional support, you may wish to review IDCare (link opens in new window), who have also published an IDCare (link opens in new window), which is useful in determining the risk and recommendations for particular data which been compromised and how to take action.
You can also review recorded data breaches from HaveIBeenPwned (link opens in new window), to check if your email or phone has been listed.
You may also wish to consider a service such as Equifax Credit & Identity Protect (link opens in new window), which will offer a credit monitoring service to affected Optus customers but we believe something all Optus customers should be undertaking.
For further information, we would encourage you to regularly also review Optus’ Media Release, Optus notifies customers of cyberattack compromising customer information (link opens in new window) which is updated frequently with new information.
We will continue to monitor the situation and provide more steps which you or your organisation can take.
If we can assist in any way, please contact us.