On Thursday 22nd September, Australian telco giant Optus revealed they had been the target of a cyber attack that has compromised the personal details of potentially 9.8 million users. If you are an Optus customer, your name, date of birth, phone number, and email addresses may have been breached. Identity documents such as driver’s licences or passport numbers may also be in the hands of the cyber criminals, paving the way for potential identity theft.
While it is as yet unclear whether the attack was financially or politically motivated, if you are an Optus customer it’s important that you take immediate action to secure your details.
I’m an optus customer! What do I do about the breach? How do I protect my identity?
First of all, don’t panic! There are actionable steps you can take to secure your most important details, such as your bank or Medicare accounts. Follow the below steps to ensure you are protecting your details to the best of your ability.
Change your bank login details
Scamwatch has advised Optus customers to change their bank logins. Changing your password is crucial, however we also recommend updating your username or associated email for the ultimate protection.
Update your email password
We advise updating your email password and any other accounts that use the same email and password combination that you used for your Optus account. Choose a strong password with multiple lowercase, uppercase and special characters. You can use this free password generator to help you out!
Enable multi or two factor authentication
Most apps and accounts provide the option to enable multi or two factor authentication. Check within your account or app for the option to enable it (this can usually be found within the Account, Password, or Security settings). Multi or two factor authentication provides an extra layer of password and login protection. With MFA or 2FA enabled, in order to successfully login and access your account you will need to supply a confirmation code/PIN that is generally sent to your personal device via text, email or both. It’s important to enable multi or two factor authentication because cyber criminals will not be able to proceed past the authentication method even if they have the stolen password and email combo for your account. Plus, you will also most likely receive a notification of the attempted login so you can track suspicious activity on your account!
Place limits on your bank account
Place smaller limits on your bank account until you can confirm your bank or login details were not compromised. This will prevent cyber criminals from moving large amounts of money out of your account.
Monitor for suspicious or unusual activity
Keep an eye out for suspicious purchases, login attempts, emails, or other unusual activity across your accounts.
Watch out for scams
Optus has advised customers to only contact the company via their app or official phone number. Scammers may impersonate Optus and target customers via email or text, so be wary of any correspondence that claims to be from Optus – particularly if they are asking you for money or to provide personal information.