Whether you’ve read about it in the news or you received an email from Optus directly, the significant data hack impacting customers of the major telecommunications company on Thursday 22nd September has unsurprisingly left customers feeling unsettled and distressed.
Optus has revealed that while financial information and passwords of its customers were not accessed, the breach did compromise names, dates of birth, email addresses, phone numbers and some ID documents including drivers licence numbers, passport numbers, and Medicare numbers.
It is thought that 10 million Australians have been impacted by the breach, and around 3 million customers have had “significant” amounts of data stolen.
In the aftermath of the hack, the details of 10,000 Optus customers have reportedly been released on the dark web, with people claiming to be the hackers threatening that they’ll release more until a ransom amount of $1.5 million is paid out.
If you’re a past or present customer of Optus and worried about your data being exposed, scroll on for five tips that will help to protect and secure your accounts.
MAKE YOUR PASSWORDS AS STRONG AS POSSIBLE
The first thing to do is to ensure you have strong passwords on your accounts, not just your Optus account. Strong passwords should be long and contain uppercase and lowercase letters, numbers, and special characters. They should also be different for each of your main accounts, but especially for banking and email accounts.
ENABLE TWO-FACTOR AUTHENTICATION
Where possible, enable two-factor authentication on your accounts, and particularly for your banking details. You can do this via the banking app or calling your bank personally and asking them to set this up.
Two-factor authentication can involve a unique code being sent to your mobile or email. Additional security questions are also helpful as an extra step in protecting your accounts.
YOU CAN CONSIDER CHANGING YOUR PASSPORT, Drivers and Medicare NUMBER
It is understood that just the numbers of drivers licences, Medicare and passports were taken in the Optus hack—not copies of the entire documents. This means that without the additional details these documents present such as expiry dates or addresses, the risk of identity fraud is a little less severe.
That said, cyber security expert Toby Murray, an associate professor in cybersecurity at the University of Melbourne, told The Guardian there is still a risk.
“Depending on the context, different organisations will ask you just for your driver’s licence number or just for your passport number,” he said.
He says it’s worthwhile thinking about changing your passport, Medicare, and drivers licence number.
It’s possible to renew your passport in the usual way you would if your old one expires, via the Department of Foreign Affairs and Trade.
WATCH FOR ANY SUSPICIOUS ACTIVITY
Given that customers’ phone numbers have been breached, Optus has advised that it will not send out any emails or texts with links to click on.
To reiterate, if you receive an email from Optus, do not click on any link it may have, even if you believe it to be completely legit. The same goes for phone calls where people might ask for access to your computer or personal information—do not provide them with any information.
Instead, call your bank and reiterate all of the details to them. You can also call Optus direct on 133 937, though expect a delay. Otherwise call us on 1800 960 487.
CONSIDER AN IDENTITY THEFT MONITORING SERVICE
There is a division of the Commonwealth Bank called Credit Savvy.
Credit Savvy bills themselves like a fitness coach for your debt, which in itself is kind of weird. Their Schtick is that they calculate a personal credit score, which can be very useful. Part of their app allows you to lock down your credit file with a swipe or click of a button.
So here is a step-by-step guide on how to lock down your credit file so that scammers can’t rip you off.
Step 1: Download the Credit Savvy app (either in the Apple or Google app stores).
Step 2: Verify your details (I used my driver’s licence and Medicare card).
Step 3: Press “protect” from the bottom navigation.
Step 4: Press “Request a ban”. Credit Savvy will then let the other credit agencies know you’ve got a ban on your file within 2 business days.
Step 5: On the 16th day the Credit Savvy app will remind you that your pause is ending. When you get that alert – and this is important – click “ban my credit report for 12-months”.
And that’s it!
From then on if anyone tries to access your credit file, the Credit Savvy app will alert you.
Though it will also be locked so the bank or financial institution won’t be able to access your file. However, this will not count against you. To be clear, it will not harm your ability to take out credit.
Now if you are applying for credit (or say moving home and applying for utilities and the like), all you need to do is temporarily lift the ban on your credit file for a week or so. And then put that lock straight back on using the Credit Savvy app.
If you need assistance or have any concerns please call us on 1800 960 487.