Optus data breach: what to do if you think you're at risk

On 22 September 2022, Optus published an article on its website advising customers of a cyberattack which may have resulted in unauthorised access to current and former customers’ information.

Optus has advised that the information potentially exposed may include customers’ names, dates of birth, phone numbers, email addresses and, for a subset of customers, addresses and ID document numbers such as driver licence or passport numbers.
 
Payment details and account passwords have not been compromised.
 
Optus has advised that customers who had the most fields exposed would be contacted first over the next few days. If you are not contacted by Optus in the next few days, it is likely that you are not in this cohort of individuals.

Please note that notification from Optus is occurring via email. Optus will not provide any links in email, and will not contact you via SMS or phone call asking you to verify any personal details or billing information. If you are contacted via SMS or phone, do not engage; contact Optus directly through a verified point of contact.
 
If you have received a data breach notification email from Optus, acting quickly can reduce your chance of experiencing harm.

Here is how you can check exactly what data of yours might have been leaked. First log in here: https://www.optus.com.au/ and then, once logged in, visit this link and you should see a JSON encoded response that contains your personal information. Check in particular the indentType [sic] field, which should tell you what kind of document has been exposed; and the indentValue [again, sic—who wrote this data schema?] which in my case tells me exactly which document I should get re-issued.

If you don’t mind jumping through a few hoops, you can also confirm what street address details might have been exposed. To do that, first write down the numeric contactId value from the JSON response you got above. Then take the following URL https://www.optus.com.au/mcssapi/rp-webapp-9-common/customer-management/contact-person/{contactId}?lo=en_US&sc=SS and copy and paste it into the address bar of your browser. Manually replace the part that says {contactId} with the numeric value you wrote down. It should return yet another JSON encoded response that includes street address information. This response for me also included the ID document information in the documentType and documentNumber fields, plus (worryingly) information that would seem to pertain to the expiration date of the document.
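The same check can be run offline on a saved copy of either response. The script below is an added example, not code from the original post or from Optus: it walks the JSON, reports where the fields named above appear, and masks the values so the summary can be shared safely. The sample layout and the substring matching for address and expiry keys are assumptions; only the five field names come from the text.

```python
import json

# Field names quoted in the text above (spelled as the API spells them).
ID_FIELDS = {"indentType", "indentValue", "contactId", "documentType", "documentNumber"}
# Shown unmasked: they name the kind of document, not its number.
CLEAR_FIELDS = {"indentType", "documentType"}
# Assumption: substrings likely to mark address/expiry keys; the page names none.
HEURISTIC_SUBSTRINGS = ("address", "expir")


def is_sensitive(key):
    """True for a field named on the page or matching a heuristic substring."""
    return key in ID_FIELDS or any(s in key.lower() for s in HEURISTIC_SUBSTRINGS)


def mask(value):
    """Hide all but the last two characters (everything, for short values)."""
    text = str(value)
    keep = 2 if len(text) > 4 else 0
    return "*" * (len(text) - keep) + text[len(text) - keep:]


def find_exposed(node, path="$", key=None, flagged=False):
    """Walk parsed JSON; return (path, display_value) for each exposed field."""
    if isinstance(node, dict):
        hits = []
        for k, v in node.items():
            # A flagged container (e.g. an address object) flags all its children.
            hits += find_exposed(v, f"{path}.{k}", k, flagged or is_sensitive(k))
        return hits
    if isinstance(node, list):
        hits = []
        for i, item in enumerate(node):
            hits += find_exposed(item, f"{path}[{i}]", key, flagged)
        return hits
    if flagged and node not in (None, ""):
        return [(path, str(node) if key in CLEAR_FIELDS else mask(node))]
    return []


# Constructed sample; the real response layout is not shown on this page.
SAMPLE = json.loads("""{
  "contactId": 123456789,
  "name": "Sample Person",
  "identification": [
    {"indentType": "DRIVERS_LICENCE", "indentValue": "X1234567"},
    {"indentType": "", "indentValue": null}
  ],
  "contactMedium": {"streetAddress": "1 Example St", "documentExpiryDate": "2025-01-01"}
}""")

if __name__ == "__main__":
    for path, shown in find_exposed(SAMPLE):
        print(f"{path}: {shown}")
```

To use it on your own data, save the browser response to a file and pass `json.load(open(path))` to `find_exposed` instead of `SAMPLE`.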

 
It is vital to monitor for suspicious activity on your accounts and report any you see to the relevant provider. Be wary of any spam calls/texts/emails, even on social media, and never click on suspicious links.
 
Banks, government bodies, and other institutions make it a policy to never contact you over text, phone, or email asking for personal information. If you receive suspicious communications, do not hand out your details. You can contact the provider directly to follow up or check the ACCC's Scamwatch to see if similar frauds have occurred.
 
Optus has explicitly stated it will not be sending links in data breach emails, so if you receive an email from "Optus" with a "click here for more details" button, it's likely not from the telco. Although Optus has advised that user passwords were not breached, as a precautionary measure there are proactive response actions we recommend you consider:
 
  1. Change your Optus email and account passwords. Make sure you use strong passwords that you haven’t used for other accounts. (If you have used the same password as your Optus account on other accounts, make sure to change those too.)
  2. When updating your internet banking passwords, go to the financial institution’s website directly by typing its web address into your web browser. Generally, a financial institution won’t ask you in an email to click on a link to update your password.
  3. Enable two-factor authentication on all your accounts, especially mobile banking or money management apps. This helps protect your data since hackers need more than just your password to access your account.
  4. You could also make regular backups of your phone’s data to a secure hard drive.
  5. Monitor your account transactions online or using paper account statements if you receive them. If you spot any purchases you didn’t make, report these immediately to your financial institution.
  6. Place limits on your accounts or ask your bank how you can secure your money.
  7. If you suspect fraud, you can request a ban on your credit report.
  8. Change your driver licence, Medicare and passport numbers if you received an email from Optus saying that your data was breached.

 
If you require more information, you can follow the guides below:
 
What to do if there is a data breach (oaic.gov.au)
Also consider the steps outlined in IDCARE Optus Data Breach Response Fact sheet.
 
