Australian based Managed IT support offices in Melbourne, Sydney and Brisbane
Powernet Colour a VITG Company POS

Everything You Need to Know About the Optus Data Breach

On Thursday 22nd September 2022 at 2:00 pm, Optus published a media release stating that they were investigating the possible unauthorised access of current and former customers’ information. This was later confirmed as a legitimate and major data breach.

The information that was accessed includes people’s names, dates of birth, phone numbers, email addresses, addresses and ID document numbers such as driver's licenses, Medicare and passport numbers.

This means that if you’ve ever been an Optus customer, it is very likely you’ve been caught up in this. The data included in this breach is enough to steal the identity of the affected people. 

What Happened?

Australian government representatives and cyber experts have confirmed this was not a sophisticated attack. Instead, an API was open to the internet for anyone to reach. Using the API, the cybercriminal was able to pull out the records of these customers. No exploits or account credentials were required.
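A defender's view of the failure described above, as an added example that is not from Optus or from the original post: it scans API access logs for clients that were served many distinct customer records without presenting credentials. The log format, the `/api/customers/<id>` path and the threshold are assumptions, and the sample log lines are constructed.

```python
import re
from collections import defaultdict

# Constructed sample log (hypothetical format, not real Optus data):
# <client_ip> <method> <path> <status> auth=<yes|no>
SAMPLE_LOG = """\
203.0.113.7 GET /api/customers/1001 200 auth=no
203.0.113.7 GET /api/customers/1002 200 auth=no
203.0.113.7 GET /api/customers/1003 200 auth=no
203.0.113.7 GET /api/customers/1003 200 auth=no
203.0.113.7 GET /api/customers/1004 200 auth=no
198.51.100.20 GET /api/customers/2001 200 auth=yes
198.51.100.20 GET /api/customers/2002 200 auth=yes
198.51.100.20 GET /api/customers/2003 200 auth=yes
192.0.2.44 GET /api/customers/3001 401 auth=no
192.0.2.44 GET /api/customers/3002 200 auth=no
192.0.2.44 GET /health 200 auth=no
"""

# Only customer-record requests match; other routes are ignored.
LINE_RE = re.compile(
    r"^(?P<ip>\S+) (?P<method>[A-Z]+) /api/customers/(?P<cid>\d+) "
    r"(?P<status>\d{3}) auth=(?P<auth>yes|no)$"
)


def find_unauthenticated_bulk_reads(log_text, threshold=3):
    """Return {client_ip: distinct_record_count} for clients that were
    served at least `threshold` distinct customer records with no credentials."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # other endpoints or malformed entries
        served = m["method"] == "GET" and m["status"] == "200"
        if served and m["auth"] == "no":
            seen[m["ip"]].add(m["cid"])  # a set, so repeat reads count once
    return {ip: len(ids) for ip, ids in seen.items() if len(ids) >= threshold}


if __name__ == "__main__":
    for ip, count in find_unauthenticated_bulk_reads(SAMPLE_LOG).items():
        print(f"ALERT {ip}: {count} customer records served without authentication")
```

Even a single successful response with `auth=no` on a customer-record route points to a missing authentication check; the threshold only separates bulk extraction from a one-off request.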

Frustrated with no communication or payment, the cybercriminal updated their original post to include another sample from the breached data. This time 10,000 records were included, in addition to the first 200 they posted to prove the data’s legitimacy.

Shortly after, that link was taken down, but it has been reposted multiple times across criminal forums.

Cybercriminals are also bundling trojans in with both false and real data sets as "reposts". Everyone wants a cut of this data right now to check if they or their families/friends are in it, so criminals are taking the opportunity to try and spread malware.

Australian media reports this data as being shared "on the dark web". Though I'm sure it is, the original post source is on the clear net, the same part of the internet where Facebook and Google live. These 10,200 records are highly accessible, so it's important to take action if you've been advised your ID has been exposed.

After the additional data was posted it was revealed that Medicare numbers were also included in the data exposed. Optus is facing a serious backlash as this was not initially communicated when they were advising customers specifically what data was stolen, despite knowing what records they hold on customers. It is a legal requirement of the OAIC to report such things.

Optus announced that affected customers would receive free credit monitoring. In a statement, they advised that:
“Optus will be getting in touch with these customers with information on how to start the Equifax subscription over the coming days. These communications will not include links. If you get an email or SMS claiming to be from Optus with a link, do not click - it's a scam.”

In a turn of events on the 27th of September, the cybercriminal declared that they would not be publishing the data and that it had been deleted.

Regardless of this statement, we're not entirely sure if it is true. Therefore, anyone affected should be moving forward with the personal protection methods now being made available to Optus customers.

Here are some of the popular speculations for the redaction of the data, though no one truly knows why:

- Optus secretly paid the cyber criminal to not release the data. This has been denied formally by Optus.
- The Government paid the ransom to protect civilians, affected gov personnel and government infrastructure.
- There is too much attention on the data and the criminal will wait until it dies down to sell later.
- The criminal is spooked by the full force of multiple government agencies focusing on them, has deleted the data and gone into hiding.

How To Protect Yourself

1. Get visibility on your credit rating 

You should check your credit reports for your own understanding and visibility of what your credit looks like to quickly detect any anomalies. We suggest ordering your credit report from each of these organisations, since some may compile credit data that the other two have overlooked.

Equifax: Go to Placing a ban with Equifax and fill in and submit the form. Once submitted, Equifax will email you to let you know the ban is in place.

Illion: Go to Placing a ban with illion and fill in and submit the form. Once submitted, illion will email you to let you know the ban is in place.

Experian: Complete the ban request form on the Experian website.

A credit ban means that when a business conducts a credit check before issuing credit in your name, any new application that you have not authorised in writing will be declined. Be sure to select the option to apply this ban across all other credit services.

You can find further information on credit bans here.

A credit ban is valid for 21 days; extensions may be granted with evidence supporting that you are, or are at risk of becoming, a victim of fraud. In most cases, this will require you to show that you have either a police report number or a www.cyber.gov.au report number.

2. Change your license number, if possible

New South Wales: https://www.service.nsw.gov.au/transaction/replace-nsw-driver-licence-online

Queensland: https://www.qld.gov.au/transport/licensing/update/change-your-customer-reference-number

South Australia: https://service.sa.gov.au/news?a=1112633 

Tasmania: https://www.service.tas.gov.au/services/transport/driver-and-rider-licences/apply-for-a-new-driver-licence-number

Northern Territory: at the time of writing, there is no available information for the NT

Victoria: https://www.vic.gov.au/victorian-drivers-licence-record-flag-optus-breach 

Australian Capital Territory: https://www.accesscanberra.act.gov.au/s/article/Information-about-the-Optus-data-breach

Western Australia: WA Premier Mark McGowan confirmed on Wednesday that anyone whose licence number was involved in the leak will be able to get a new licence and number free of charge. McGowan said the government and Department of Transport were working to get a new system built “as quickly as we can”.

3. Medicare & Passport Numbers

The government is now looking into providing new Medicare & passport numbers for anyone affected. Health Minister Mark Butler told the ABC today:

"We are very concerned about the loss of the data and are working hard to deal with the consequences, but we are particularly concerned we were not notified earlier and consumers were not notified earlier about the breach of Medicare data as well".

4. Change Your Email Address

If possible, change your email address and update all of your accounts to the new address. Alternatively, create separate email addresses for separate categories of accounts. For example:

Have one email address for your online banking and myGov, another email address that is used for online shopping, another for social media, and so on. That means if one site has a data breach, not all of your accounts are at risk.

5. Enable Multifactor Authentication

This adds a crucial layer of protection to your accounts. It means that if a cybercriminal obtains your login details, they still can't access your account because you have multifactor or 2FA protection on it.

6. Other Measures

Education: Our ultimate guide to cybersecurity

Cybersecurity Strategies: Implement the ASD8

Conduct a security audit across your business 

This situation is still unfolding; we will continue to update this blog post as additional information comes to light. If you would like to learn more about cybersecurity and how to protect your business, get in touch.
