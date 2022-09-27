Optus customers in Ballarat have had their sensitive information leaked on the internet, after the telecommunications company suffered a major cyber attack last week.
The sensitive details of 10,000 Australian customers was released on Tuesday morning, after the person or group responsible behind the breach warned it would release the information if Optus does not pay a $1.5 million USD ransom.
The illegally obtained information includes passport, Medicare and driver licence numbers, dates of birth, home addresses and information about whether a person is renting or living with parents.
The Courier has seen the personal information of at least three Ballarat-based customers whose data was released on Tuesday.
Optus publicly revealed the cyber attack on Thursday, which impacted 9.8 million Australian users, was now the subject of an investigation by Australian Federal Police.
While Optus said it was still investigating the breach, it confirmed customer details, such as names; dates of birth; phone numbers; email addresses and home addresses were accessed.
It also revealed the details of personal identity documents, such as passports and driver's licences, were breached for some customers. Passwords and payment details were unaffected, the telco said.
If you're an Optus customer, there's a chance your data has been captured in the cyber attack.
Optus said it was contacting all customers who had their information illegally accessed, starting with those whose ID document details were compromised.
It announced on Monday it had completed sending emails or SMS messages to that first group and were continuing to contact customers who had other details, such as their email address, illegally accessed.
In the meantime, Optus is warning last week's attack could trigger a rush of scams by criminals, including phishing calls, emails and text messages.
It's encouraging its customers to keep an eye on bank accounts, be vigilant about suspicious emails and links, texts, phone calls or messages on social media and not to allow people posing as credible companies access to your computer.
IN OTHER NEWS:
If you've been contacted by Optus, or you suspect you're about to be, there are a few easy steps to take first.
The first is vigilance, as Optus has already recommended. Monitor your financial accounts for suspicious activity, and avoid opening unusual links or messages.
The government's Scamwatch also recommends you change online passwords and enable two-factor authentication to make accounts less susceptible.
If you think your identity has already been compromised, Scamwatch urges you contact your bank and call Australia's national identity and cyber support service, IDCARE on 1800 595 160.
The Australian Cyber Security Centre has listed a "medium" alert status on the incident, and suggests heading to its online tool for further advice.
Unfortunately, further avenues at this point are limited.
The Office of the Australian Information Commissioner has been alerted to the incident, via the notifiable data breach scheme, and recommends acting quickly to reduce the impact.
In the meantime, investigations are continuing and the federal government is expected to make an announcement later this week.
Have you tried The Courier's app? It can be downloaded here.
Sign up for our newsletter to stay up to date.
We care about the protection of your data. Read our Privacy Policy.