This article was originally published by Zynet and reflects the author’s views.

Reported as the largest cyberattack in Australian history, Australian telecommunication provider Optus has now been asked to explain why personal identifiable information (PII) was not encrypted and how the hacker has been able to exfiltrate almost 10 million customer records.

On Tuesday 27 September, the hacker released over 10,000 records. The information leaked included passport and license numbers, addresses, Medicare details equating to 100 points. The hacker released some of this information to the dark web and demanded the ransomware payment of A$1.53m in cryptocurrency.

According to comments from Australian Cyber Security Minister Claire O’Neill during an ABC interview, it appears that this attack was not sophisticated and could have been prevented if certain cyber safety measures were in place to secure customers information. Ms O’Neill stated that “we need to be looking at a variety of issues to mandate minimum cyber security standards which could have prevented this from happening”.

What can you do?

The Optus website advises that Optus will be contacting all affected customers and, for the more seriously impacted, will be providing an Equifax credit monitoring subscription at no cost for 12 months.

If you are wanting to increase your personal security, whether you have been directly impacted by this breach or not, there are a few recommendations below to reduce your risk.

• Change your password: It is recommended to immediately change your password, do not use the same or a similar password. Select a password with 10 to 15 characters including upper and lowercase and include at least one number or symbol. Preferably follow the next step to generate your passwords
• Multi-factor Authentication: Enable on all accounts Multi-Factor Authentication using an App rather than SMS codes.
• Password Manager: Implement a strong password manager tool, that allows you to securely store all passwords, credit card details and generate random secure passwords that you do not have to remember. This is a free tool for single users and can easily be installed
• Credit Detection Tool: For a small monthly fee, Credit Agencies offer a solution to monitor your credit score and profile, should an identity theft be attempted
• Replace your Medicare Card: By logging on to your MyGov and clicking on Medicare, there is an option under My Card to order a replacement card. This will produce a new card and change the last digit of your current Medicare card.

Further to the steps above, if you have been impacted directly by this breach, you may want to look at changing your driver’s license number and ordering a new passport.

This breach has shaken many Australians and, as Claire O’Neil reveals in her interview, “there are over 10 million Australians who are anxious about their data being stolen and our focus is trying to give them some sense that we can support them in any way we can.”

Should you have major concerns that you have fallen victim to this attack or that your identity has been seriously compromised, please contact ID Care.