What data was stolen from Optus

If you've been affected by the Optus data breach, the danger is far from over – no matter what the purported hacker is claiming.

Anyone who claims to be able to scrub the data from the dark web is claiming to put toothpaste back in the tube. [unexpectedly apologised](https://www.abc.net.au/news/2022-09-27/optus-data-breach-cyber-attack-hacker-ransom-sorry/101476316) and claimed to have deleted the data due to “too many eyes”, suggesting fear of being caught. The advice we provided in There is also no guarantee the data were not already sold to a third party. Anyone receiving this kind of text message should make every effort to contact their family member or friend by other means. This involves scammers posing as a family member or friend from a new phone number, often using WhatsApp, in need of urgent financial help. We have to ask: what would the hacker gain from claiming to delete them? Paying anyone who makes these claims will not increase the security of your information. [IDCare](https://www.idcare.org) for additional aid and [Cyber Report](https://www.cyber.gov.au/acsc/report) to report the crime. Instead of helping, they steal money or obtain more information from the victim. When Optus didn’t pay, the purported hacker published 10,000 stolen records and threatened to release ten thousand more every day until the ransom deadline. So this method will not be available.

An expert says the data could be used by criminals to take out fraudulent loans or impersonate victims; Australian intelligence agencies are investigating the ...

"I want to reassure Australians that the full weight of cybersecurity capabilities across government … "Banks have really robust and solid systems … "I think in terms of responding to these sorts of breaches, I think we've missed the ball." "There have been previous cases where customers … "There's actually some real national security implications to the release of this information." [who] have been able to show through evidence that their identity was compromised have been able to negotiate with the bank," he said.

If you're among the millions of Optus customers worried about your driver's licence details being exposed in the data breach, you may be able to get a free ...

“I was surprised to read a media release from their shadow ministers are saying Labor must provide new passports for Optus victims ... “Passport customers affected by this breach and concerned about identity fraud may choose to replace their passports. You’ll get a new licence card within 10 business days. “Victims of the Optus cyber hack should not have to wait or pay significant amounts of fees to secure their personal information and obtain a new passport,” Liberal senator James Paterson said in a statement. Only the card number changes. In order to organise a new licence, drivers can visit any Service Tasmania Contact Centre, and they will arrange a new licence number and a replacement licence card. The department has asked Optus to repay the cost of new licences to the Victorian Government. If you’re concerned about your licence details and have been notified by Optus that your data has been breached, you can contact VicRoads to request a replacement. “Once your licence number has been changed, a new driver licence card will be produced and posted to you,” Service SA said in a statement on its website. Queenslanders who have been advised by Optus that their ID information has been compromised can get a free, new replacement by the Department of Transport and Main Roads. “While the Queensland Driver Licence is a highly secure identity document, we understand that some customers who have been impacted are concerned and may wish to get a new driver licence number,” a Transport and Main Roads spokesperson said in a statement to SBS News. As to who will pay for the cost, the $29 replacement fee will be charged by Service NSW at the time of application and reimbursement advice will be issued by Optus to customers in the coming days.

Identity theft is one of the biggest concerns raised by the Optus data breach – here's how to stay protected.

You can also [compare mobile plans on Finder](https://www.finder.com.au/mobile-plans) if you want to make a change. "You should also ask questions of the people you speak to so you can understand the process. Note these requirements so you can comply." With so many of the signs related to your credit report, Forbes said the first step is to "obtain a copy of your credit report and look for unauthorised applications for credit". "When dealing with a possible identity theft, it is important to keep records of the conversations you have and keep notes, including name/s of the individual, contact number, the date you spoke to an organisation and details of the conversation," Forbes said. You can get a free copy of your credit report and score each month through the - Report the fraudulent activity or crime to the police. [Finder app](https://www.finder.com.au/credit-score). - Credit alerts when there are changes to your credit report But identity theft is still worth over $2 billion to the economy according to the [card fraud](https://www.finder.com.au/australians-scammed-of-1-billion-in-card-fraud-2022) is the most common issue, affecting 6.9% of Australians, followed by scams (3.8%). Around 0.8% of Australians experienced identity theft in 2020–2021 according to the latest data from the Australian Bureau of Statistics (ABS).

The government will overhaul the nation's cybersecurity and privacy laws following the massive Optus cyberattack, as the Prime Minister called on the ...

"Immediate action should be taken to guarantee victims the opportunity to obtain a new passport now without charge, while terms to cover costs are negotiated with Optus," Birmingham and Paterson said. A former chief information officer of billion-dollar companies including QBE Insurance, Tony Forward, said Optus did not need to keep the document numbers after consumers sign up. It could also argue that it should retain the data for years after accounts were closed in an effort to satisfy audit requirements. We have to be able to go back in our records for six years and so we do hold information for the required length of time." Associate Professor Rob Nicholls, an expert in telecommunications regulation at UNSW, said a telco could claim it was keeping personal identification data under the metadata laws to show it was properly identifying customers. It does not demand companies keep passport, driver’s licence and Medicare numbers but a spokesperson for the Attorney-General’s department said the law did not specify what documents “other information” means companies must collect.

If you're among the millions of Optus customers worried about your driver's licence details being exposed in the data breach, you may be able to get a free ...

“I was surprised to read a media release from their shadow ministers are saying Labor must provide new passports for Optus victims ... “Passport customers affected by this breach and concerned about identity fraud may choose to replace their passports. You’ll get a new licence card within 10 business days. “Victims of the Optus cyber hack should not have to wait or pay significant amounts of fees to secure their personal information and obtain a new passport,” Liberal senator James Paterson said in a statement. Only the card number changes. In order to organise a new licence, drivers can visit any Service Tasmania Contact Centre, and they will arrange a new licence number and a replacement licence card. The department has asked Optus to repay the cost of new licences to the Victorian Government. If you’re concerned about your licence details and have been notified by Optus that your data has been breached, you can contact VicRoads to request a replacement. “Once your licence number has been changed, a new driver licence card will be produced and posted to you,” Service SA said in a statement on its website. Queenslanders who have been advised by Optus that their ID information has been compromised can get a free, new replacement by the Department of Transport and Main Roads. “While the Queensland Driver Licence is a highly secure identity document, we understand that some customers who have been impacted are concerned and may wish to get a new driver licence number,” a Transport and Main Roads spokesperson said in a statement to SBS News. As to who will pay for the cost, the $29 replacement fee will be charged by Service NSW at the time of application and reimbursement advice will be issued by Optus to customers in the coming days.

Thinking about changing your licence number, passport, or Medicare details since the Optus data breach? Here's the latest information.

they will also be contacted directly over the next couple of days," Optus said in a statement. If you're concerned or you've been affected, you can replace your Medicare card. They can help secure accounts if they've been compromised. [there is no justification for Optus customers to bear the cost of getting a new passport](/news/2022-09-28/federal-government-asks-optus-to-pay-for-new-passports/101483486). Further information on licence replacements is expected shortly. The ACT government says a replacement card is necessary for these individuals, and they will be prioritised to receive a new licence. Those deemed most at risk of identity theft or fraud due to the Optus data breach will receive a new driver licence card for free, the ACT government says. A spokesperson for the South Australian Department for Infrastructure and Transport said those affected by the Optus breach The number of NT customers whose driver's licence data has been stolen is around 20,000, and all people impacted will be contacted by Optus, the state government said in a statement. "The cost to replace your driver licence is $29 and will be charged by Service NSW at the time of application – reimbursement advice will be issued by Optus to customers in the coming days," he wrote. "We will request Optus repays the cost of the new licences to the Victorian Government." Mr Dominello said Optus would contact customers in the coming days to advise whether or not they needed to apply for a replacement drivers licence.

The Optus data breach is believed to be one of the largest in Australia's history. Here are the steps you can take if your data has been exposed.

Australians are able to access a free copy of their credit report from the three major credit reporting agencies (Equifax, Experian and illion) every 90 days, and it's also possible to place a ban on your report if you suspect that you've been a victim of identity theft. It's a totally natural reaction, which is why the ACCC's Scamwatch recommends that people keep any eye on their Or it could be used for even milder things like creating social media accounts in your name and posting hate speech or other material that will badly reflect on you." While the leak of sensitive personal information like a driver's licence number or passport number doesn't happen in every data breach, if it does occur, as it has to plenty of customers in the Optus breach, it may be worth exploring the possibility of replacing any affected identity documents - as much as a pain as that may be. "We are very sorry and understand customers will be concerned. [how to respond to a data breach notification](/click/external?r=https%3A%2F%2Fwww.oaic.gov.au%2Fprivacy%2Fdata-breaches%2Frespond-to-a-data-breach-notification&f=%2Foptus-how-to-secure-your-data-mass-data-breach&g=cp-179796895), otherwise if you believe you've been a victim of a scam or fraud, here are some resources and contacts that may be able to help: [Scamwatch](/click/external?r=https%3A%2F%2Fwww.scamwatch.gov.au%2F&f=%2Foptus-how-to-secure-your-data-mass-data-breach&g=cp-179796895) [AFCA](/click/external?r=https%3A%2F%2Fwww.afca.org.au%2F&f=%2Foptus-how-to-secure-your-data-mass-data-breach&g=cp-179796895)- 1800 931 678 [ACCC](/click/external?r=https%3A%2F%2Fwww.accc.gov.au%2Fconsumers%2Fcomplaints-problems&f=%2Foptus-how-to-secure-your-data-mass-data-breach&g=cp-179796895)- 1300 302 502 [IDCARE](/click/external?r=https%3A%2F%2Fwww.idcare.org%2Fcontact-us&f=%2Foptus-how-to-secure-your-data-mass-data-breach&g=cp-179796895)- 1800 595 160 [Services Australia Scams and Identity Theft Helpdesk](/click/external?r=https%3A%2F%2Fwww.servicesaustralia.gov.au%2Fwhat-to-do-if-scam-has-affected-you%3Fcontext%3D60271&f=%2Foptus-how-to-secure-your-data-mass-data-breach&g=cp-179796895)- 1800 941 126 Following the Optus data breach, the telco has stated that it will be offering some customers free access to a 12-month subscription of a credit monitoring service from Equifax. "Optus has also notified key financial institutions about this matter. One positive in the Optus case is that the telco has reported that payment information such as credit card and bank account details hasn't been compromised, but like most data breaches, the worry is that the personal details that have been stolen will be used by criminals to conduct After any data breach, one of the first steps to take is changing the password associated with the service or account which has been compromised - especially, says Heiser, if you've used that same password for multiple accounts. In recent years a number of corporate and government institutions including the likes of Canva, Bunnings, ShopBack, the Australian National University, Service NSW and the Victorian Government have been hit by data breaches which resulted in the release of the personal details of individuals. The data breach is believed to have been one of the largest to occur in Australia, with over 9.7 million current and former Optus customers stretching as far back as 2017 likely to have had at least some information such as their name, date of birth, email, phone number and address stolen.

Thousands of Medicare card numbers have been exposed during as a result of the Optus data breach, the compa...

The identity of the hacker or hackers has not been confirmed, but MacGibbon said the consensus inside the cyber-security community was that it was not a "sophisticated" attack that led to the Optus breach. "The unfortunate thing this week, is that by all accounts, this was not a sophisticated breach." "The size of this data breach, up to 10 million Australians affected, is unprecedented here in this country," he said. "We are very concerned about the loss of the data and are working hard to deal with the consequences, but we are particularly concerned we were not notified earlier and consumers were not notified earlier about the breach of Medicare data as well," he said. "All of the customers who have a Medicare card that is not expired will be contacted within 24 hours," Optus said. The company said it will contact those customers directly "out of an abundance of caution".

When any sensitive data is stored digitally, it has become common practice to encrypt that information. And it's usually effective - if done properly.

“We should be thinking of the more data you have, the higher your risk,” he said. “We might use an API between two systems where there is a level of trust between them,” Haskell-Dowland said. An API, or Application Programming Interface, is a piece of software that allows information to be sent and received between two parties. So far, there has been no concrete explanation to how the data breach occurred. The key to unlocking this box is with an algorithm or piece of code. Data is put into that box.

Details on how to access this service will be available in coming days. Medicare numbers. If you've used your Medicare card number to prove your identity with ...

- Contact the resolution and support team at Access Canberra on 13 22 81 and select option one. The former stays with you for life, and the latter changes each time your card is reprinted. - Apply online via the Access Canberra website. Optus will credit the cost of a replacement licence if ACT residents have had their driver’s licence number and licence card number compromised. In the ACT, your driver licence card includes a driver licence number and a driver licence card number. Those affected should visit a Service Tasmania shop to arrange a new licence number and a replacement licence card, and will need to bring evidence from Optus that they have been affected by the hack. The Department of State Growth will contact customers who have already applied for a replacement licence to reimburse the cost. [replacement Tasmanian licences will be free](https://www.premier.tas.gov.au/site_resources_2015/additional_releases/service-tasmania-fee-waiver) for those who can prove they have had both the licence number and card number stolen. Northern Territory driver’s licences include a licence number and a card number, which are both required for the licence data to be used for identity fraud. [WA government](https://www.mediastatements.wa.gov.au/Pages/McGowan/2022/09/State-Government-acts-to-protect-WA-Optus-customers-impacted-by-data-breach.aspx) announced new driver’s licence cards with new licence numbers will be issued to affected Optus customers for free, with their new applications to be prioritised. If your licence details have been compromised, WA residents have been told to attend a Department of Transport Driver and Vehicle Services Centre or regional agent to have a new licence issued, and provide: [‘strongly advised’ to apply for a replacement licence as soon as possible](https://www.nsw.gov.au/customer-service/media-releases/nsw-government-assisting-customers-following-optus-data-breach).

Who is the attacker? How was the data accessed? What was taken? Digital security experts explain.

It is also considering large fines for companies that allow such a breach to occur. Optus still hasn’t confirmed how the data was accessed. “Seeing the hacker back down, apologise and promise to delete the data is very rare. State and federal governments are making it easier for those affected to replace identity documents that may have been accessed. The alleged attacker threatened to sell the data unless Optus paid US$1m in cryptocurrency. He said ransom demands were not unusual for large data breaches such as that suffered by Optus, but the alleged attacker’s change of heart was unexpected.