28 September 2022

Optus hack: hundreds of 'at-risk' Canberrans will get a new free licence but most protected

| Lottie Twyford
Join the conversation
Person holding licence

The Territory government says most Canberrans are at low risk of fraud following the Optus breach. Photo: Lottie Twyford.

After saying it was still working through the issue yesterday, the Territory government is today thanking a recent systems change with protecting most Canberrans caught up in the Optus data hack from fraud.

However, hundreds of Canberrans “are at genuine risk of identify fraud”, Minister for Business and Better Regulation Tara Cheyne said today.

That cohort includes anyone who has opened an Optus account since 1 September and provided their licence and card number.

Ms Cheyne confirmed this cohort will be able to get a new driver’s licence with a new card number free of charge.

Optus will foot the bill, and the telco has assured the Territory government it will contact affected customers who have had both fields of information compromised by the end of the week.

Optus will credit those customers $42.60 – the cost of a replacement licence in the Territory.

Tara Cheyne

Minister for Business and Better Regulation Tara Cheyne said people at greater risk of fraud would be prioritised for a new licence. Photo: Lottie Twyford.

Ms Cheyne told reporters today that the reason for the difference is that at the start of this month, the ACT switched to a new digital verification system.

She said this system was also implemented in most other states and territories, although Victoria and Queensland are notable exceptions.

The new system requires the licence number and the card number to satisfy an identity check for things like loan applications and getting a new phone account.

This number is positioned vertically to the left of the image, while the better-known licence number is printed vertically under the date of birth field.

The card number changes every time a new licence is issued.

READ ALSO Procurement failures put Digital Transformation Agency on the chopping block

Ms Cheyne said customers who had opened an account before 1 September had likely only provided their licence number for identification purposes.

Therefore, now the new verification system is in place, the data of the vast majority of local Optus customers are at a “very low” risk of being used for fraudulent purposes. That’s because using a licence for verification now requires both numbers.

Ms Cheyne acknowledged these customers could still be distressed and may want a replacement licence, but this will come at a cost to the individual, and the licence number would still not be changed – only the card number.

“I do need to confirm this is a situation that we need to triage. There are people here who are at risk that we do need to prioritise,” she said.

“Other people who do want a new card free of charge can apply … and it may take us some time depending on the extent of the situation.”

The Territory government is still working with Optus through the “evolving situation”, Ms Cheyne said and had yet to be advised exactly how many Canberrans had been caught up in the breach.

She conceded the situation raised questions about the storage of data by companies once identity checks had been completed.

READ ALSO Small hail blankets Canberra’s north in false snow

NSW is also replacing impacted customers’ licences for free, with Optus agreeing to foot the bill in that state.

According to Ms Cheyne, the Territory is taking the same approach as NSW.

In Victoria and Queensland, new licence numbers will be issued.

If you have been contacted by Optus and require support, you can contact the Resolution and Support Team by calling 13 22 81 and selecting option one, Monday to Friday from 9 am to 4:30pm. Alternatively, you can visit the Access Canberra Replace Driver Licence page for details on replacing your licence.

Join the conversation

All Comments
  • All Comments
  • Website Comments
Tom Worthington2:10 pm 29 Sep 22

One of the 103 items in my spam folder yesterday was a message from Optus: “… As a former Optus customer this has resulted in the disclosure of some of your personal information. …”. What I suggest is for Optus’ telco license to be cancelled, and all board members banned from being directors of a company.

I’m glad that optus put their fees up because of their rollout of 5G. They might as well go under, anyone who exposes an API where details are spat back from a sequential ID, doesn’t deserve to exist in Australia.

Daily Digest

Want the best Canberra news delivered daily? Every day we package the most popular Riotact stories and send them straight to your inbox. Sign-up now for trusted local news that will never be behind a paywall.

By submitting your email address you are agreeing to Region Group's terms and conditions and privacy policy.