The Optus Data Breach: Let’s Unpack What Went Down And What It Means For You


The Optus data breach has resulted in almost 10 million customer records being stolen.

Minister for Home Affairs and Cyber Security Clare O’Neil said the massive breach was equivalent to Optus leaving the window open for “data of this nature to be stolen”.

“One significant question is whether the cyber security requirements that we place on large telecommunications providers in this country are fit for purpose,” O’Neil said.

Now Optus is dealing with a different situation. The alleged hacker has apologised for their extortionate threats and has claimed to have deleted the only copy of the data that they scraped from Optus. Which, on the surface, sounds like good news, right?

Unfortunately, the news comes just one day after the alleged hackers released the personal information of 10,000 Australians in an attempt to extract a $1.5 million ransom. And it’s really too soon to tell how this story will end.

How Exactly Did The Hack Allegedly Go Down?

The alleged hacker claimed to have executed the breach by simply accessing an API address that had no username or password restrictions, but was still, miraculously, connected to the Optus customer database.

Put simply, it’s as if the hacker got past a modern home security system because someone had left the back door unlocked.

Australian privacy legislation allows telecommunications companies to keep user data for up to six years, which means Optus customers from as far back as 2017 could have been affected by the breach.

What We Know So Far

The masterminds behind the data breach claimed to have stolen customer information including passport details, personal addresses, and driver’s licence data.

Sadly, it’s now being reported that Medicare numbers were also released as part of the data breach.

So if you are an Optus user, you have most likely received an email letting you know how severely you have been affected by the breach. For the Optus customers whose passport details and driver’s licence data have been stolen, the news is more worrisome.

Experts expect people’s data in this breach will be distributed across the dark web, where cyber criminals can use it to commit identity theft or make fraudulent credit applications, or even to re-attack customers by gaining their trust through phishing attacks.

However, since the alleged hacker has reportedly backtracked on their ransom demand and deleted the data, hopefully fewer people will be affected.

What You Can Do In The Meantime

Even so, there are ways you can proactively defend yourself.

First up, you can check if you have been affected by the hack by accessing Have I Been Pwned, a website that cross-references your email address with major data leaks. Experts then suggest making a list of your most vulnerable accounts, e.g. bank accounts or any accounts with your credit card details saved.

The next step is to reset passwords for those accounts and activate multi-factor authentication on sensitive accounts, if you haven’t already done so. Most importantly, avoid sending multi-factor authentication codes to your Optus phone number from now on. Experts suggest switching to an authenticator app such as Google Authenticator or Microsoft Authenticator. You can also place short-term freezes on any credit checks, which can help stop criminals taking out credit in your name.

Customers in NSW, Vic, QLD and South Australia, who have had their driver’s licence numbers compromised in the breach, can now change their number and get new cards.

Each state has its own system, so customers are being advised to jump online to apply for a replacement. Optus is expected to bear the bulk of the cost of the changeovers.

Finally, take extra care with texts and emails that contain links or ask you to verify anything, and apply the same caution over the phone.

You can also call IDCare, a not-for-profit organisation that assists victims of cyber-attacks and identity theft.