Cybercrime can be reported to the government here.
I haven’t been contacted by Optus, but I am a customer, does that mean I haven’t been affected?
No. Optus has said it is contacting the people who are at “high risk” first and will contact all affected users “over the next few days”. It has to work through millions of customer records to determine who has had what information taken.
I’m not an Optus customer now but I was in the past, am I safe?
Unfortunately not. The breach has affected past customers back to 2017 as well as current ones.
Has the stolen information been published anywhere?
Not that we know of. It is common in situations like this for companies to receive a ransom demand before information is published but again, there is no evidence that has occurred.
Where is the hacker from?
Optus chief executive Kelly Bayer Rosmarin said on Friday the hackers moved their internet addresses to disguise themselves, but “safe to say it comes out of various countries in Europe”.
Why does Optus have driver’s licence and passport numbers?
To buy a SIM card in Australia you have to have ID under laws intended to stop crimes and terrorism. Images of that ID have not been compromised, but Optus does retain the number.
Australia does have privacy laws that determine how long companies can keep your data for, how it is stored and what it is used for. “Under the Privacy Act, organisations have obligations to protect against unauthorised access, disclosure or loss of personal information,” said a spokesman for the Office of the Australian Information Commissioner, which regulates the issue.
I’m with Amaysim, another telco that Optus owns, or use Optus’ enterprise services. Am I at risk?
No. Amaysim data has not been compromised, Optus has said. It has also said that wholesale, satellite and enterprise users that “this cyberattack does not affect the platforms and services supporting them. Optus services remain safe to use and operate as they normally do.”
Are Optus’ broadband and mobile phone networks operating?
Yes, these systems are still online and functioning normally. The company has said they were not compromised and there is no danger in using them.