How did this happen?
Optus fell victim to a cyber attack. We took immediate action to block the attack that targeted Optus customer data only. Optus’ systems and services, including mobile and home internet, are unaffected and messages and voice calls are unaffected. Optus services will continue to be safe to use and operate as usual.
Has the attack stopped?
Yes. Upon discovering this, Optus immediately stopped the attack.
We are now working with the Australian Cyber Security Center to mitigate any potential risk to customers. We have also notified the Australian Federal Police, the Office of the Australian Information Commissioner and key regulators.
Why did we go to the media first instead of our customers?
The security of our customers and their data is our top priority. We did this because it was the fastest and most effective way to alert as many current and former customers as possible so they could be vigilant and monitor suspicious activity. We are now in the process of contacting customers directly affected.
What information about me may have been made public?
The information that may have been released includes customer names, dates of birth, telephone numbers, email addresses and, for a subset of customers, addresses, ID document numbers such as driver’s license or passport numbers. Affected customers will be notified directly of the specific information that has been compromised.
Optus services, including mobile and home internet, are not affected. Messages, voice calls, billing and payment information, and account passwords have not been compromised.
What should I do to protect myself if I suspect I have been the victim of fraudulent activity?
We’re not currently aware of any customers who have suffered damage, but we encourage you to raise awareness of your account, including:
Watch out for suspicious or unexpected activity on your online accounts, including your bank accounts. Immediately report any fraudulent activity to the related provider.
Watch out for contact from scammers who may have your personal information. This could be suspicious emails, texts, phone calls or social media posts.
Never click on links that look suspicious and never give out your passwords or personal or financial information.
How do I contact Optus if I think my account has been hacked?
If you believe your account has been compromised, you can contact us via the My Optus app – which remains the safest way to contact Optus, or call us on 133 937 for consumer customers. Due to the impact of the cyber attack, waiting times may be longer than usual.
If you are a business customer, please contact us at 133 343 or your account manager.
How do I know if I have been affected?
We are in the process of contacting customers directly affected.