Share this article on:
The FBI has joined the Australian Federal Police (AFP) to help track down the Optus hackers.
Despite dropping the ransom that had been originally set to force Optus to pay $1.54 million, Attorney-General Mark Dreyfus told Parliament “a whole-of-government response had been launched, with the AFP not only working with government and industry but also the FBI”.
Expressing concern that Optus did not report the exposure of Medicare numbers in the breach, Attorney-General Dreyfus revealed the international cooperation following the hacking group’s apology and claims that the ransom demand had been dropped, adding that the scraped customer records from the telco’s website had also been deleted.
According to AAP, the hacking group released a batch of 10,000 Australian Optus customers’ sensitive data on a breach forum, which included passport, Medicare and driver’s licence numbers, dates of birth, home addresses and details about whether an individual is renting or living with parents.
The government’s response to the hack has been described by opposition defence spokesman Andrew Hastie as “lacklustre and slow”.
Meanwhile, shadow foreign affairs spokesman Simon Birmingham and shadow cyber security spokesman James Patterson have called for the government to “waive the fees”.
The opposition is calling for the government to waive fees and expedite the processing of new passports for Optus customers whose passport numbers had been compromised.
“Victims of the Optus cyber hack should not have to wait or pay significant amounts of fees to secure their personal information, and obtain a new passport,” Birmingham and Patterson said in a statement.
Birmingham and Patterson added that the Department of Foreign Affairs advised on its website that “if you choose to replace your passport you’ll have to pay” as the department was not responsible for the data breach.
According to Optus, emails or SMS messages have been sent to customers whose details were compromised and apologised for the concern it has caused but the telco asserts payment details and account passwords were not compromised as a result of the attack.
So far, several state governments have struck agreements with Optus to protect customers whose driver’s licences were compromised.
In Victoria and NSW, people can get replacement cards and Optus will cover the costs.
Affected customers in Queensland and South Australia can organise replacement licenses free of charge, while the ACT and other jurisdictions are still working through the issue.
[Related: How the Optus security breach has impacted its reputation]