Home | News | Cyber Security – Optus data breach

Cyber Security – Optus data breach

In light of the recent Optus data breach, we thought it timely to provide a list of things you should consider to help protect your identity

 

THINGS TO CONSIDER IF YOUR DATA HAS OR MAY OF BEEN BREACHED

1. Check bank accounts and credit cards regularly to check for unusual purchases. Call you bank if any suspicious activity. Update all banking passwords and set up 2 factor authentication where available.

 

2. Be extra vigilant with emails you receive. Are they from a legitimate email address, what are they asking for? Do not open any emails that are not from a legitimate source and particularly do not click on any links or attachments. (These could contain malware etc) Beware of phishing emails, including those asking to update billing details or pay invoices.

Use an up-to date anti-virus application that includes email protection and scanning.

 

3. If you receive phone calls or text messages from any unknown source or source purporting to be a bank, tax office, telco provider etc be cautious and take steps to ensure they are who they purport to be.

If you are unsure whether the source is legitimate, hang up immediately and contact the provider directly via their verified telephone number and/or website.

Do not give any personal details to any party that cold calls you.

Do not click on any links they send to your mobile phone Just because they know your name, address, date of birth etc does not mean they are who they say they are.

 

4. You can also request a copy of your credit report to check for any unauthorised loans or applications. These reports are usually free.

You can request a report via Equifax, Experian or Illion.

Optus has offered customers whose ID numbers and personal details have been leaked a free 12-month subscription to Equifax Protect. https://www.equifax.com.au/optus

 

5. The website “ Have I been pawned ” may tell you if your phone or email address has been breached, and by which provider.

You may need to consider changing passwords if your email address has been breached.

 

6.If your Medicare card has been breached, you can request a new Medicare card.

 

7. If your passport has been breached, you can request a replacement passport Requesting a replacement Australian Passport

 

8. If your driver licence number has been breached, you can request a new driver’s license:

In Victoria, you can flag your records with VicRoads to prevent any unauthorised changes or access to individual information through the VIC Roads Website. This however will not prevent people from using your licence information with third parties. Vic Roads is also working on a process to enable individuals to have their driver’s licence changed, but no information is available on this yet. Requesting a replacement Victorian Drivers Licence

In NSW, Optus will be notifying people on the necessary remediation activities in relation to their driver’s licence. If a replacement is required, the replacement licence may be applied for online, by visiting a Service NSW Service Centre or by calling 13 77 88 Requesting a replacement NSW Drivers Licence

In Queensland, a replacement drivers’ licence will be issued where the following documentation is provided to a transport and motoring customer service centre:

·       Your evidence of identity (such as current licence, birth certificate, proof of age card); and

·       A copy of the Optus data breach communication; or

·       Written notification from an enforcement authority such as Queensland Police Service

Requesting a replacement Queensland Drivers Licence

 

9. Consider applying for a credit ban to freeze you credit file. Credit Ban fact sheet – Australia

This will stop any credit agencies providing any personal information to any credit providers without written consent from you, unless required to do so by law. Credit bans last for 21 days however can be extended if circumstances warrant.

 

10. Protect yourself from identity fraud by:

·       Where possible always use Multi Factor Authentication. Preferably use an authenticator such as google rather than an SMS.

·       Use Strong Passwords

·       Shred your documents from banks, super funds, employers etc that may contain personal details that could be used to steal your identity.

·       Use public computers with caution

·       Be careful what you post on social media, particularly is your profile is public.Scammers may find out where you live, work and when you’re on holidays etc.

·       Put a lock on your street mailbox so people can’t steal you mail.

·       Always remaining vigilant.

 

Victims of an attack can also refer to the advice of experts including:

·       the Australian Cyber Security Centre at cyber.gov.au or on 1300 CYBER1 hotline

·       Moneysmart ( moneysmart.gov.au/banking/identity-theft )

·       ID Care ( https://www.idcare.org ), and

·       the Office of the Australian Information Commissioner ( oaic.gov.au privacy data breaches-respond to a data breach notification )