Optus has provided updated information about the impact of the cyberattack on customers.
On the back of extensive ongoing engagement with more than 20 Federal, State and Territory government agencies and departments, Optus has confirmed:
- Approximately 1.2 million customers have had at least one number from a current and valid form of identification, and personal information, compromised. Optus has communicated with these customers and recommended that they take action to change their identification documents.
- In addition, approximately 900,000 customers have had numbers relating to expired IDs compromised, in addition to personal information. We continue to work with governments and agencies regarding what further steps, if any, those customers should take.
The update late yesterday helps provide more clarity for our customers. Having worked with government agencies to meticulously analyse the data for the company’s 9.8 million customers, Optus can confirm the exposed information did not contain valid or current document ID numbers for some 7.7 million customers. The data contained details such as email address, date of birth or phone numbers. For these customers, it is important to remain vigilant.
Optus has sent an email or SMS to the customers that have had current ID documents compromised in the cyberattack, advising that details from their ID documents have been compromised and what they should do. Optus also contacted customers whose ID documents had expired to notify them that ID documents were compromised.
For customers seeking more details beyond the regular updates, other information can be obtained at Scamwatch and cyber.gov.au.