Optus customers have been advised to change passwords for online services, including banking, and set up stronger authentification measures to protect themselves against a massive cyber security attack.
The phone and internet provider has been scrambling to secure millions of customers’ information as names, dates of birth, phone numbers, email addresses, driver’s licence numbers, passport numbers or addresses are feared to have been accessed by hackers.
WATCH THE VIDEO ABOVE: Tech experts call for Optus customers to take urgent action.
Watch Sunrise on Channel 7 and stream it for free on 7plus >>
Optus says it is working with the Australian Cyber Security Centre to limit any risk to current and former customers.
The company said on Thursday it is not aware of customers “having suffered any harm”, but encouraged them to have “heightened awareness” for any “odd or suspicious” activity on their accounts.
However, customers have been urged to take further steps.
What you need to do
“First of all, I recommend to people, change your logins for your bank,” technology expert Geoff Quattromani told Sunrise on Friday.
“Make sure the username and password is different
“Change your email password if you can and make sure you’ve got two-factor authentication. What that means, to be clear, is you (a scammer) might know my username and password but if you don’t know my phone number which is getting an SMS with a unique code then you can’t log in.”
Quattromani also warned that Optus customers may be targeted by scammers via email, so urged them to communicate with the telco through its app.
Scamwatch, an initiative of federal government consumer watchdog the ACCC, has provided similar advice, also urging customers to check their bank accounts for “items you haven’t purchased”.
It has also advised to “place limits” on spending from bank accounts.
“It is important to be aware that you be may be at risk of identity theft and take urgent action to prevent harm,” Scamwatch said.
“Scammers may use your personal information to contact you by phone, text or email.
“Never click on links or provide personal or financial information to someone who contacts you out of the blue.”
Optus has notified the Australian Federal Police, the Office of the Australian Information Regulator and other key regulators.
Quattromani has labelled the attack “probably the biggest hack we have seen in Australia and probably the most concerning for that reason”.
“I think the amount of people that are going to be impacted by this will be dramatic,” he said.
“That is why government agencies have stepped in, that’s why the big four banks have been alerted as well.
“People need to know about this and Optus needs to do a really good job of keeping their customers up-to-date because at the moment all we’ve had is a media release and we need more than that.”