The Office of the Australian Information Commissioner commenced an examination of the personal information handling practices of Optus and its parent company in early October, after the data breach that occurred on the 22 September 2022. The investigation will focus on whether Optus took reasonable steps to protect the personal information of customers, and whether the information collected and retained was necessary to their business.
This comes as consumer watchdog ACCC calls for a ‘national scam centre’ to be established. The ACCC says the threat of financial fraud in Australia is surging year on year.
Optus customers are reporting confusion and unclear communication practices, as some have received text messages advising their information has been compromised, while others have received emails. Some Optus customers who don’t appear to have been affected have reported no communication at all from Optus.
The Australian Securities & Investments Commission (ASIC) has released a factsheet to provide information on what to do if your data has been compromised in the recent Optus data breach.
Optus has advised they have now sent email or SMS messages to all customers whose ID document numbers, such as driver licences, were compromised because of the cyber-attack. They will continue to reach out to customers who have had other details, such as their email address, exposed.
Optus has advised customers that the safest way to contact them is via the My Optus app. Alternatively, customers can call them on 133 937 for consumer customers and 133 343 for business customers.
Agilient are experts at cybersecurity and business resilience. Contact us if you’re concerned that the Optus breach may have affected your business.