WA Premier Mark McGowan has confirmed that those who have had personal data compromised during last week’s Optus cyber attack will be allowed to apply for new driver’s licences.
On Tuesday evening, the NSW, Victorian, Queensland and South Australia governments began clearing the bureaucratic hurdles for anyone who can prove they are victims of the hack, which has affected millions of people, with the telco expected to bear the multi-million cost of changeover.
WA had been the only state where drivers could not change their drivers licence numbers, even if they were stolen or involved in fraudulent activity.
“We will make sure that those impacted with their drivers licence will be able to get a new driver’s licence with a new number,” McGowan said on Wednesday morning.
On a Federal level, Health Minister Mark Butler told the ABC they’re looking at what can be done for stolen passport and Medicare details.
“We’re looking at that very closely right now,” he said. “All the resources of government are going into protecting consumers in this extraordinary breach of their personal data.”
Meanwhile, the group claiming to be behind the breach has since dropped a ransom demand and says it has now deleted the 11 million customer records it scraped from the telco’s website.
The attempt to force Optus to pay $US1 million ($A1.54 million) by Friday was dropped hours after the group released 10,000 records containing sensitive customer details on a data breach forum on the clear web.
The illegally obtained information included passport, Medicare and driver’s licence numbers, dates of birth, home addresses and information about whether a person is renting or living with parents.
“Too many eyes. We will not sale (sic) data to anyone. We can’t if we even want to: personally deleted data from drive (Only copy),” the group said on Tuesday.
The batch released on Tuesday was still online as of 4.30pm AEST.
Home Affairs Minister Clare O’Neil said she was “incredibly concerned” Medicare numbers were picked up in the data breach and were being offered for free and for ransom.
“Medicare numbers were never advised to form part of compromised information from the breach,” she said.
“Consumers have a right to know exactly what individual personal information has been compromised in Optus’ communications to them.”
Opposition defence spokesman Andrew Hastie described the government’s response to the hack as “lacklustre and slow”.
“The government isn’t responsible for Optus and their data breach, but they’re sure as hell responsible for coordinating a response,” he said.
Opposition foreign affairs spokesman Simon Birmingham and cyber security spokesman James Patterson called on the government to waive fees and expedite the processing of new passports for Optus customers.
They said in a statement it was “not good enough” for the Department of Foreign Affairs to advise on its website that “if you choose to replace your passport you’ll have to pay” as the department was not responsible for the data breach.
Two people who were exposed in Tuesday’s release of Optus data, and who asked to remain anonymous, expressed frustration that some personal information, unlike bank details, couldn’t be easily changed.
“No one can put a price on privacy but Optus has certainly lost mine,” a Melbourne man told AAP.
Optus has said it was the victim of a sophisticated attack – a claim dismissed by Ms O’Neil.
Optus said it will offer “the most affected” customers the chance to take up a one-year subscription to credit monitoring service Equifax Protect at no cost.
with AAP and Ten News First