Share this article on:
Thousands of Medicare numbers have been leaked following the Optus data breach, the telco revealed on Wednesday.
Late on Wednesday, Optus revealed that 14,900 valid Medicare ID numbers had been compromised in the major data breach, with 22,000 numbers believed to have expired.
According to the telco, affected customers with a compromised Medicare card that had not expired would be contacted within 24 hours. The telco plans to contact the remainder within the coming days out of "an abundance of caution".
"If you are concerned or have been affected, you can replace your Medicare card as advised by Services Australia.
"Please be assured that people cannot access your Medicare details with just your Medicare number.
"Our call centres will not have further information to assist on this matter," Optus said.
The telco had first announced about 9.8 million Australians' data was compromised in the large-scale breach last Thursday.
The alleged hacking group announced it would release the information unless paid a US$1 million (AU$1.53 million) ransom on a well-known data breach forum.
In a bizarre twist, the hacking collective apologised, but not before releasing 10,200 Optus customers' information into the wild.
A search of the leaked database which had been released on Tuesday revealed Medicare numbers, however, Optus did not confirm this until Wednesday evening.
"We are in contact with Services Australia and we will be letting all affected customers know the guidance on the steps they can take," Optus said.
Australian organisations have had 30 years to get cyber security right and they have failed, according to Professor Matt Warren, director of the Centre for Cyber Security Research and Innovation, and a professor of cyber security at RMIT University.
"The Optus breach goes beyond recent state-based cyber attacks on government and large organisations such as WA parliament, Australian National University, Victorian Hospitals and Red Cross Australia.
"Optus is part of Australia’s critical infrastructure, and this nationwide issue has potential to impact anywhere from 1.1 to 9.8 million Australian customers.
"In our new cyber normal, if steps are not undertaken then the situation will be repeated time after time," Professor Warren said.
[Related: AFP tackles Optus data breach and works with overseas law enforcement]