Optus customers in Bendigo have had their sensitive information leaked on the internet, after the telecommunications company suffered a major cyber attack last week.
Subscribe now for unlimited access.
$0/
(min cost $0)
or signup to continue reading
The sensitive details of 10,000 Australian customers was released on Tuesday morning, after the person or group responsible behind the breach warned it would release the information if Optus does not pay a $1.5 million ransom.
The illegally obtained information includes passport, Medicare and driver licence numbers, dates of birth, home addresses and information about whether a person is renting or living with parents.
The Bendigo Advertiser has seen the personal information of at least three Bendigo-based customers whose data was released on Tuesday.
Optus publicly revealed the cyber attack on Thursday, which impacted 9.8 million Australian users, was now the subject of an investigation by Australian Federal Police.
What information has been hacked?
While Optus said it was still investigating the breach, it confirmed customer details, such as names; dates of birth; phone numbers; email addresses and home addresses were accessed.
It also revealed the details of personal identity documents, such as passports and driver's licences, were breached for some customers. Passwords and payment details were unaffected, the telco said.
Is my data affected?
If you're an Optus customer, there's a chance your data has been captured in the cyber attack.
Optus said it was contacting all customers who had their information illegally accessed, starting with those whose ID document details were compromised.
It announced on Monday it had completed sending emails or SMS messages to that first group and were continuing to contact customers who had other details, such as their email address, illegally accessed.
In the meantime, Optus is warning last week's attack could trigger a rush of scams by criminals, including phishing calls, emails and text messages.
It's encouraging its customers to keep an eye on bank accounts, be vigilant about suspicious emails and links, texts, phone calls or messages on social media and not to allow people posing as credible companies access to your computer.
IN OTHER NEWS
My data might have been breached, what should I do now?
If you've been contacted by Optus, or you suspect you're about to be, there are a few easy steps to take first.
The first is vigilance, as Optus has already recommended. Monitor your financial accounts for suspicious activity, and avoid opening unusual links or messages.
The government's Scamwatch also recommends you change online passwords and enable two-factor authentication to make accounts less susceptible.
If you think your identity has already been compromised, Scamwatch urges you contact your bank and call Australia's national identity and cyber support service, IDCARE on 1800 595 160.
The Australian Cyber Security Centre has listed a "medium" alert status on the incident, and suggests heading to its online tool for further advice.
Unfortunately, further avenues at this point are limited.
The Office of the Australian Information Commissioner has been alerted to the incident, via the notifiable data breach scheme, and recommends acting quickly to reduce the impact.
In the meantime, investigations are continuing and the federal government is expected to make an announcement later this week.
- Support is available for those who may be distressed. Phone Lifeline 13 11 14; Mensline 1300 789 978; Kids Helpline 1800 551 800; beyondblue 1300 224 636; 1800-RESPECT 1800 737 732.
Now just one tap with our new app. Digital subscribers now have the convenience of faster news, right at your fingertips with the Bendigo Advertiser. See how to download it below: