Optus tells former Virgin Mobile and Gomo customers they could also be part of data breach

Identification repair service receives a month’s worth of complaint calls in three days as government pressures telco to pay for replacement ID documents

Former Virgin Mobile and Gomo customers are the latest to have been informed by Optus that their personal information was exposed in the company’s massive data breach, as an identification repair service reveals it has fielded a month’s worth of complaint calls in three days.

It has been a week since Optus first revealed up to 10 million of its customers had personal information – including names, addresses, emails and dates of birth – exposed, with 2.8 million having passport, licence or Medicare numbers also made visible.

While the breach was initially considered limited to customers who deal with Optus directly, Guardian Australia has seen emails sent from Optus to former customers of Gomo and Virgin Mobile outlining that their data was included in the breach.

Both companies are wholly owned subsidiaries of Optus, with the company shuttering the Virgin brand in 2018, but it was not apparent until now whether these customers would have been caught up in the breach.

Guardian Australia has asked Optus whether customers of its other brands, are also affected. Optus also resells its mobile services to external companies such as Dodo, Circles.Life and iiNet.

Amaysim, one of those brands, said on Thursday its customers were not caught up in the data breach.

Optus customers continue to raise concerns the company is not providing substantial information, beyond the initial letter informing them of the breach. Some state transport authorities have indicated customers will need to get compensated from Optus directly for licence replacements, but the company hasn’t communicated how that will occur.

Optus is also facing pressure from the federal government to pay for passport replacements, but has not yet said what it intends to do.

IDCare – an organisation that helps people who are dealing with identity theft – has received 11,500 calls from Optus customers in the past three days, which is the amount of calls the organisation would normally receive in a month.

The financial services minister, Stephen Jones, met with consumer groups, banks, and key regulators including the Australian Competition and Consumer Commission (ACCC) on Thursday morning to discuss the impacts of the breach.

Jones said customers would feel the effects of the breach for some time, and “there will be a long tail of impact of this data breach”.

“We know that fraudsters [and] scammers are already on to it, whether they’ve got the Optus data or not, they’re attempting to impersonate Optus, they’re attempting to … impersonate licence providers, they’re attempting to impersonate government and government agencies.”

He said it was Optus’s “stuff-up”, that it was up for Optus to compensate customers, not the government, and that every company in the country should be on heightened alert.

Optus has been contacted for comment.


Josh Taylor

The GuardianTramp

Related Content

Article image
Optus customers exasperated by chatbots and ‘rubbish’ communication after data breach
Some customers look to switch providers after puzzling responses and ‘less than helpful’ service

Josh Taylor

26, Sep, 2022 @5:30 PM

Article image
Optus faces potential class action and pledges free credit monitoring to data-breach customers
Home affairs minister Clare O’Neil says company to blame and flags new laws with large fines for such breaches

Josh Taylor

26, Sep, 2022 @6:27 AM

Article image
Optus data security breach: what should I do to protect myself?
Experts say while ‘there’s no need to panic’, there are steps you can take to ensure you’re not exposed to scams or identity theft

Natasha May

26, Sep, 2022 @6:44 AM

Article image
Purported Optus hacker releases 10,000 records including email addresses from defence and prime minister’s office
Optus CEO says federal police are ‘all over’ post with ultimatum demanding $1m within four days after massive data breach

Natasha May and Josh Taylor

27, Sep, 2022 @1:32 AM

Article image
Optus data breach: Australians will be able to change their driver’s licence with telco to pay
Federal opposition wants commonwealth to allow people to get new passports for free too – and quickly

Natasha May

27, Sep, 2022 @10:27 AM

Article image
Anthony Albanese says ‘Optus should pay’ for new passports for data breach victims
Push comes day after states suggest telco will pick up multi-million dollar tab for replacing driver’s licences of affected customers

Josh Butler and Ben Butler

28, Sep, 2022 @9:57 AM

Article image
Optus reveals at least 2.1 million ID numbers exposed in massive data breach
Telco says 150,000 passport and 50,000 Medicare numbers have been stolen as it announces independent review

Josh Taylor

03, Oct, 2022 @3:50 AM

Article image
Optus data breach: who is affected, what has been taken and what should you do?
After a malicious cyber-attack, customers of Australia’s second-largest telco are advised they could be at risk of identity theft

Ben Doherty

22, Sep, 2022 @8:31 AM

Article image
Optus cyber-attack could involve customers dating back to 2017
CEO says company has not yet confirmed how many people were affected by hack, but 9.8 million was ‘worst case scenario’

Josh Taylor

23, Sep, 2022 @3:04 AM

Article image
Optus cyber-attack: company opposed changes to privacy laws to give customers more rights over their data
In its submission to Privacy Act review telco said giving people right to erase personal data would involve ‘significant’ hurdles and costs

Josh Taylor

23, Sep, 2022 @8:00 PM