At the end of September 2022, #Optus has announced shocking news that they have been cyber-attached and their customer’s data has been stolen. The data includes the customer's name, dates of birth, phone numbers, email address, home address, and ID document numbers, such as driver’s licence or passport numbers.
We have seen this kind of news before, but this time, it looks more serious than ever. This incident made many consumers in Australia worry about their online security.
What could happen, if your information was stolen from cyber?
It means, someone can be “You”, and create a new account, or use your existing account to do something. It can hurt someone and it could be your responsibility because it has been done under your name. Worst case scenario, your assets, such as cash on bank, might be taken.
Then, what can we do to protect ourselves from identity thieves?
Most common method is to change your password consistently, say every month. When you make a password, do not use words or numbers that somebody who knows you can guess, such as your partner’s name, someone’s birthday, name of your favourite sports team, etc.
Also when you need to provide your information on the online form, provide as minimum as possible. Just provide requirements only. More information people get, the easier it is to identify as you.
One of the methods I personally use is I have created one bank account with a debit card that is only for online shopping, and keep the balance that necessary amount only, say not more than $500. By doing so, in case this account has been stolen, my damage will be minimal because I do not keep a non-necessary amount on that account.
Also find a bank that is able to block overseas transactions on your credit card or debit card. This will eliminate a large number of chances that someone will transfer your money from your account. Just enable it when you need it.
Most people might ask this question, “has Optus broken any laws?”
Optus has not yet provided details of the cyber-attack, so it is hard to say yes or no at this stage. Final decision will be decided by the privacy commissioner, if there is violation of the Australian privacy principles.
Even though there are still people who are worried about their online security, at least Optus has announced their apology to the public and taken action accordingly.
One sad thing is that it is hard to catch the “bad guy” who actually did all of the cyber-attack incident to Optus, but hopefully police can put them to put behind bars.