Here is what you should do
After the cyber-attack, Optus has referred the mass data breach to the Australian Federal Police for investigation after personal details of 9.8 million customers were stolen by hackers.
“The AFP will work with Optus to obtain the crucial information and evidence needed to conduct this complex, criminal investigation,” a statement on Friday read.
“The AFP’s specialist Cyber Command will work closely with a number of agencies, including the Australian Signals Directorate.”
This massive hacking attack against Optus may have compromised millions of customers including stealing their passport and driver’s licence numbers.
Optus chief executive Kelly Bayer-Rosmarin says she is “angry” and has apologised for the cyber intrusion in a conference call with reporters on Friday, saying “it should not have happened”.
“I’m disappointed that we couldn’t prevent it,” she said.
It is mind boggling that it is not yet know if the heist was committed by private criminals or state-sponsored.
And the telco giant is also still unsure how many customers have had their personal information – including emails, phone numbers and identifying documents like licences and passports – exposed to hackers.
Ms Bayer Rosmarin said “the exact mechanics are subject to a criminal investigation, and we won’t be divulging that – safe to say it’s a sophisticated attack.”
Customers dating back to 2017 may have been affected, because under law Optus must keep user records for six years, the company said.
Optus is categorizing customers with the most fields exposed. Over the next few days, all customers will know in what category they fall.
BT can reveal that Optus is working out the details around customer compensation following the cyber-attack.
Also read: Optus wi-fi when you can call UBER
Authorities are concerned that the information stolen can lead to identity theft and art thus warning Optus customers to be extra vigilant.
Liberal Senator James Paterson, former chair of the parliamentary committee overseeing intelligence and security, told the ABC on Friday that the Optus hack is the most significant in recent Australian memory.
“It is the nature of the information which appears to have been stolen which is particularly concerning,” he said.
“It’s personally identifiable, identifying information like people’s names, their phone numbers, their email addresses, their home addresses and in some cases even identification document numbers like passport[s].”
Be on the lookout for more information from Optus in the coming days.
How do you know if you are at risk?
Optus will contact you if you have been affected by the cyber-attack.
If you believe your data may have been compromised, or you have specific concerns, you should Optus through the My Optus App.
The company says this is the safest way to interact with Optus or by calling 133 937.
Be aware Optus will not send links in any emails or SMS messages.
What should you do to protect your details?
You are advised to change your online account passwords and enable multifactor authentication for banking.
You should also immediately to place limits on withdrawls for your banking.
“It is important to be aware that you be may be at risk of identity theft and take urgent action to prevent harm,” Scamwatch said in a statement.
“Scammers may use your personal information to contact you by phone, text or email.
“Never click on links or provide personal or financial information to someone who contacts you out of the blue.”
If still unsure, contact your local Optus dealer and seek help.