Caught up in the Optus data hack? Here’s what you need to know now!

October is Cyber Security Awareness Month and it’s a timely reminder for Australians to stay secure online.

The recent Optus data hack breach raises some very important questions about how we should be protecting ourselves by safeguarding our identity and data.

There are many resources when it comes to navigating data protection, but it is vital to only enlist the help of those that are secure and reputable.

We’ve waded through the overwhelming advice to make sense of how to proactively safeguard your data, what to look out for and how to act if you’re caught up in a data breach.

Proactive steps to protect yourself

Proactively protecting your data involves a set of strategies, processes and technologies that safeguard confidentiality, integrity and protect against hackers or other malicious threats.

Securing online information is very much a case of taking simple measures to prevent potentially catastrophic outcomes.

From credit monitoring services to improving your data literacy, there are strategies everyone can employ to ensure personal data is better protected.

Sign up for a free credit monitoring service

Lenders use credit information bureaus (also known as credit monitoring services or bodies) to check an individual’s creditworthiness. These services can similarly be used to closely track your credit score, ensuring you haven’t fallen victim to identity fraud.

According to the Office of the Australian Information Commissioner (OAIC), a credit reporting body must give you access to your consumer credit report for free once every three months.  

Those who have been refused credit within the past 90 days or have had their credit-related personal information corrected can request a free copy any time.

Below we have listed some free credit monitoring services recommended by the OAIC, which will allow you to keep an eye on your credit report.

Equifax is Australia’s largest and most comprehensive credit information bureau. Used by lenders, Optus is also offering free Equifax reports for 12 months for its most affected customers. 

Those seeking to track their credit score can do so online or by calling Equifax on 13 83 32.

Experian is a business solutions and credit reporting body where you can obtain a copy of your credit report on the website or via phone on 1300 783 684.

Illion is an Australian and New Zealand data registry that may hold other information about you, which means you will need to specifically request a report of your credit score online or by calling 13 23 33.

Individuals can also apply for a credit ban with each of these reporting bodies. It is possible to arrange for a credit ban across all three agencies via one application.

Note that some credit monitoring services work with lenders and may send you postal and email information about financial services products.

Seek help from government-backed data protection resources

There are a number of government organisations that provide reputable advice and information about data protection and cybercrimes. Listed below are a handful of helpful government resources:

• IDCare
• Office of the Australian Information Commissioner (OAIC)
• Moneysmart.org
• Australian Cyber Security Centre

IDCare has a dedicated Optus data breach response page to support individuals who suspect they have been impacted by the recent Optus data breach.

This is an especially useful resource in assessing the potential risk and damage of specific exposed credentials, such as a passport number. You can also find a comprehensive list of precautionary measures here.

Back up early and often

Regularly backing up your data remains to be one of the best methods to secure your information. Backups help to protect data, such as photos and documents, from any malicious hacking and ransom attempts.

We suggest backing up to both a trusted online service and external hard drive for optimal protection.

Install software updates

We’re all guilty of dismissing a software update by clicking that ‘try again later’ button on the notification.

Leaving software outdated can, however, increase your system’s vulnerability and open you up to a potential cyberattack, so it’s important to update often. 

Minimise data collection

The reality is that we should always think twice before dishing out details even as seemingly little as our emails, names and phone numbers.

Hackers can use a scrap of information (like a simple name) to piece together bigger pieces of your identity from other sources.

On that note, it is also important to ensure your social media profiles are private and don’t disclose personal information.

Set up multi Factor Authentication

Many accounts offer or require two factor authentication process. This usually involves downloading an authenticator app and entering a code after signing in to an online account. We recommend setting this up wherever possible.

Improve your data literacy

The Optus data breach has been a confronting wake up call for many. The reality is that most organisations and individuals can do more to protect their data.

In the current age, turning to reputable resources (like the ones listed above) to brush up on the ever-evolving cyber security sphere is arguably as important as taking care of your health.  

In saying this, even the most conscious of people and organisations can fall victim to a cyberattack, which is what happened in the recent Optus data breach.

What to look out for

While on the subject of taking precautionary measures, it’s also important to remain vigilant about scams and unsolicited communication. Specific activity to watch out for includes:

• Unsolicited calls, emails and text messages (often impersonating government bodies and businesses)
• Suspicious links
• Unexpected activity across online accounts or devices
• Unauthorised bank account activity including loans or applications

Consider subscribing to www.scamwatch.gov.au to stay up to date with current scams within your community.

What to do if you’ve been affected

Acting quickly is key in reducing your risk of harm whether you have been directly notified of a data breach, or suspect your data has been stolen.

The action you take depends on the information that has been stolen. For example, it may be necessary to replace a driver’s licence if that identification was part of a data breach.

Changing your passwords regularly is always a good idea and is even more important after a data breach. Ensure you have strong passwords and use a different password for each account.

Reporting the breach by notifying your bank or relevant organisation is also key in getting ahead of the breach.

The Australian Cyber Security Centre is a good point of call for those who suspect they may have fallen victim to a cyberattack.

You can complete a two-minute online quiz that assesses the likelihood of harm.

Optus data breach: What happened?

Optus recently notified the Australian Federal Police and its customers that it was the victim of a cyberttack that exposed the personal details of almost 10 million customers – both existing and former.

While no financial information or passwords were accessed, the nature of the breach is unequivocally severe. The number of identifying data fields varies case-by-case. Personal data that has been leaked includes:

• names
• dates of birth
• phone numbers
• email addresses

Some customers have also had some additional identification details leaked. These may have included some or all of the following:

• driver’s licence number
• passport number
• Medicare number

So far, only a small number of Medicare numbers appear to have been leaked. Optus’ investigation of the breach is yet to be complete, so the extent is still developing. The most up to date information can be found on the Optus website.

Was I affected?

Optus has directly contacted the individuals whose identification documents were compromised via email or text message.

While this communication remains to inform customers exactly which documents have been illegally accessed, the most affected customers will continue to receive direct information from Optus. These customers will be offered expert credit monitoring services free of charge.

It should be noted that correspondence from Optus will never feature any links.

Individuals who have concerns about their personal information can contact Optus via the My Optus App or by phoning 133 937.

How to obtain a new driver’s licence

Optus has directly contacted customers who had their driver’s licence number and/or licence card stolen as a result of the cyber-attack.

It’s strongly advised that those who have had both exposed get a replacement card as soon as possible. Customers who have been notified of this by Optus will be eligible for a new licence at no cost.

Here’s where it gets a bit tricky because replacement licenses can work differently in each state and territory. The table below outlines how affected Optus customers can get the cost covered.

Note that the replacement licence cost will not be covered for customers who have had other details or only their driver’s licence number (not card) exposed.

Again, this is developing in accordance with state and territory government legislation. So far there is no official information about replacement passports. The latest updates are available online.

Final points

The rise of technology has directly increased the amount of personal information we disclose. Data breaches and cyberattacks are becoming more sophisticated, meaning it’s more important than ever for individuals and organisations to prioritise proactive data protection.

Disclaimer: The Champagne Mile has no association with any credit information bureau in Australia. We do not provide personal, financial or professional advice. The information published on this site is of a general nature only and does not consider your personal objectives, financial situation or particular needs.

While you’re here: Subscribe to our newsletter for the latest tips, deals and news. It only takes a few seconds and we respect your privacy: