Information regarding the recent Optus cyberattack

Written By Lachlan Nicolson

Get details on the recent Optus cyber attack and learn how to protect your business from similar threats with expert advice. Please read if you’re an Optus customer.

Optus cyber attack news

For the Latest updates & support on Optus cyber response: Visit Optus Cyber Website

Published on the 26/9/22.

Optus has suffered a major data breach, compromising the personal information of up to nine million customers, current and dating back to 2017. This is turning out to be one of Australia’s largest data breaches.

Personal details compromised in the breach include:

  • passport and drivers licence numbers,

  • email addresses,

  • home addresses,

  • dates of birth, and

  • ~2.8 million telephone numbers


What should you do? 

If you are a current Optus customer or former customer from 2017 onwards, here’s what we recommend you do: 

  1. Update your Optus account password

  2. If you’ve used your Optus password elsewhere, update those accounts as well —immediately.

  3. Enable Two-Factor Authentication on your email and bank accounts.

  4. Stay vigilant across your email, phone and bank accounts. Do not click on suspicious email or sms links.

  5. If you suspect financial fraud, contact your bank immediately.

Optus has stated that they will contact any customers who are at a heightened risk. We have asked them to do the same to former clients. The official number to contact Optus is 133 937. 

Upate: 26/09/2022:

Optus has now sent email or SMS messages to all customers whose id document numbers, such as licence or passport number, were compromised because of the cyberattack.

Use a Password Manager

At ShadowSafe, we highly recommend businesses and individuals use password managers to generate and secure account credentials. Many password management apps also alert you of compromised accounts and help you maintain good password hygiene. 

Recommended password managers: 

  • Lastpass (personal/business)

  • 1Password (personal/business)

  • Dashlane (personal)

Enable Two-Factor Authentication (2FA)

Enabling Two-Factor (or Multi-Factor) Authentication stops 99% of account compromises. 

Please read our latest Insight on how to enable 2FA across your accounts. 

Source & Image: Optus

Lachlan Nicolson

Previous

Strengthen Security with Conditional Access
Next

Human Risk Management: What it is and why it matters