ACCC Scamwatch is warning Optus customers to protect their accounts and watch out for scams following an Optus data breach.

What you need to know

Millions of Australians have had their personal details compromised in a major cyberattack on Optus.

If you are an Optus customer your name, date of birth, phone number, email addresses may have been released. For some customers identity document numbers such as driver’s licence or passport numbers could be in the hands of criminals. It is important to be aware that you be may be at risk of identity theft and take urgent action to prevent harm.

Optus has said the breach affects current and former customers, however payment details and account passwords have not been compromised.

Optus phone services were not affected and remain safe to use, with messages and voice calls also not compromised.

Optus Chief Executive Bayer Rosmarin said the company is not aware of anyone who’s been harmed by the cyberattack yet, but has asked customers “to have heightened awareness across their accounts”, which includes “looking out for unusual or fraudulent activity and any notifications which seem odd or suspicious.

There is no impact to the Australian Mutual Bank systems as a result of the cyberattack. We have security controls and measures in place and are working effectively as normal.

How you can protect yourself

Deputy Chair of the ACCC (Australian Competition & Consumer Commission) Delia Rickard spoke on Channel 9’s ‘Today Show’ and provided tips for those who fear they have been affected by the breach.

Simple steps like changing your online account passwords and enabling two-factor authentication on all banking can help keep your details safe. As well as regularly checking your accounts to see if any unknown purchases have been made.

You may need to cancel your card and get a new one, if someone else has your card details.

It is also possible to get a free credit reference check every three months which allows you to see if anyone has been applying for loans in your name... If you suspect fraud, get a ban on your credit records.” said Rickard.

Ms Rickard also said people should be on the lookout for any contact from potential scammers.

I think one of the really important things is, when you are contacted by anyone that you are not expecting, whether they say they are the government, your bank, any identity at all … you will never know who you are dealing with.”

Because the scammers have so much data about you they will know your name, they will know your age, they will be able to personalise scams. We know that when somebody calls you and has your name and a few details you are much more likely to trust them. So I think, be highly sceptical as well.

More information and whom to contact

For any Australian Mutual Bank members that hold an account with Optus, we advise contacting them to find out if any action needs to be taken or should you have any specific concerns. Optus has advised the safest way to contact them is via the My Optus App or by calling 133 937. Optus will not be sending links in any emails or SMS messages.

The ACCC also suggests calling IDCARE, the national identity and cyber support service, if you fear your information has been breached.

In addition to the actions our fraud team are taking, we recommend Optus customers monitor their accounts for any unusual activity and contact us immediately if there are any concerns by calling 13 61 91.

For the most up to date information, monitor the Optus website. You can also find more on how to protect your personal information and accounts by visiting our Security Advice page.

Sources: Customers warned to watch out for scams following Optus data breach

Scamwatch: Optus CEO makes emotional apology following cyberattack

Optus: Optus notifies customers of cyberattack

23 September 2022