A growing number of Australian businesses are taking the opportunity to remind customers of their own robust security measures in the wake of the Optus hack. Emails have been going out to customers from a variety of industries, including banking, retail and even a cryptocurrency exchange.
Dubbed by some as the biggest cybersecurity breach in Australian history, the Optus hack has left millions of Australians feeling vulnerable when it comes to the safety of their data.
With cybersecurity being front and centre of the Australian zeitgeist this week, other companies are now trying to assure their customers that their data is safe with them.
Financial institutions are being wary
Some of the first cabs off the rank were financial institutions such as Commonwealth Bank — and with good reason.
Get daily business news.
The latest stories, funding information, and expert advice. Free to sign up.
The personal details stolen from Optus included passports and drivers’ licences — key documents used in identity fraud. And that’s a big problem for banks.
In fact, we already know the new cyber security reforms that will roll out because of the Optus cyberattack are expected to focus on infrastructure that will allow financial institutions to find out quicker when a data breach occurs. The hope is this will mitigate stolen personal data being used to access accounts.
It’s not particularly surprising that CBA is being proactive with its communication to customers. Back in 2016 the financial institution lost magnetic storage tapes containing the data of up to 20 million customers.
And in 2018, the Office of the Australian Information Commissioner (OAIC) found CBA’s internal access controls and approach to retention and destruction was inadequate.
These incidents resulted in a court-enforceable undertaking to improve privacy practices.
“We know that scams and fraud continue to rise, with a growing number occurring across Australia. As a CommBank customer, you have access to a range of services and security features to help protect you from scams and fraud 24/7, including real-time monitoring, fraud prevention technology and secure banking,” CommBank said in an email to customers this week.
CommBank also stated that it has heightened its ID and theft monitoring systems.
“We are constantly monitoring for any customer information associated with data-breaches, including the recent Optus breach. Our intelligence monitoring systems run 24/7, allowing us to identify at-risk customers prior to an attack.”
Buy now, pay later company Zip also warned customers to be vigilant about suspicious activity on their accounts.
“Zip is aware of the Optus data breach involving Optus customer information. Our Fraud Prevention and Security teams are engaged in heightened monitoring to minimise any impact to our customers, their accounts and their information,” Zip said in an email.
“We encourage our customers to remain vigilant and report any suspicious activity to Zip immediately.”
Enterprise customers, retailers and crypto exchanges
When it comes to Australia Post, its email to customers makes sense. Australia Post Mobile is a mobile virtual network operator (MVNO) powered by the Optus network.
“While Australia Post Mobile is powered by the Optus Mobile Network, your information is stored on our own secure systems and has not been impacted by this incident,” Australia Post said in an email.
Fortunately, Optus confirmed that enterprise customers have not been affected by the attack. This means that no MVNOs utilising its network, such as Australia Post Mobile, are affected. The same goes for the likes of Coles, Circles.Life and amaysim.
Woolworths also got in on the action, offering a small note to customers in its app.
“Your privacy is important to us. We have security measures in place to protect you and your information. Head to our privacy page in App to learn more,” the statement reads.
Cryptocurrency exchange, Binance, also had something to say about the Optus situation. It sent out an email to customers with a rather alarming “Risk Alert!” subject heading.
“Binance Australia is aware of a recent data breach involving a major Australian telecommunications company in the country,” the email reads.
“To ensure the maximum protection of user assets, enhanced login measures have been implemented for all users. We are constantly monitoring for any customer information associated with data-breaches, including the most recent Optus breach.”
It goes on to offer information about contacting IDCARE if you’re concerned, as well as general security tips and scam techniques to look out for.
It wouldn’t be surprising if more companies and financial institutions that store a lot of customer data send out communications in the coming days.
The Optus breach has certainly brought the idea of data storage and security to the forefront of Australians minds. And that’s a good and important thing. Customers should be concerned and asking questions about how their data is stored and what protections are in place.
Similarly, businesses need to make customer data a priority in order to retain customers as they become more privacy conscious — preferably before legislation dictates that they do