The Australian federal government has come down hard on its analysis and criticism of Optus’s cybersecurity measures following the hack of millions of users’ personal data.
The Federal government has blamed Optus for the breach, flagged an overhaul of privacy rules and higher fines, and suggested the company had “effectively left the window open” for hacker to steal data.
Optus initially admitted the leak had included names, dates of birth, email addresses, phone numbers, postal addresses, drivers’ license numbers and passport numbers. However, it has now been revealed customers’ Medicare numbers have also been exposed.
What can happen if it’s YOUR data that’s been hacked?
Effective cybersecurity measures are predominantly in place to guard against client identity theft. The risk is that a criminal can use a customer’s data after a breach occurs for fraudulent activity, such as opening a bank account or applying for a loan.
Some Optus victims of the recent hack have already been contacted by the criminal entity demanding money in exchange for keeping their data private.
There are also worrying safety concerns; people in vulnerable positions such as domestic violence victims are at risk of having their address details made public, potentially putting their lives at risk.
Stay vigilant and on alert for tell-tale signs
If you’ve been notified that your data has been leaked, you may become a target for scammers. Some important guidelines include:
Do not click on any links in a text message.
Check all website sources – just check that it is an official website before taking any future action.
If you are unsure about why you are being asked to divulge private information, stop and verify who the person or organisation is that is making that request of you.
Over recent years, the growth and sophistication of cybercriminals, ransomware and hacker attacks has reached epic levels and new protective measures are now required.
Ironically though, what happened at Optus has been revealed as an ‘unsophisticated’ attack. And it was avoidable.
Optus is Australia’s biggest and most high-profile cybercrime incident to date. The lesson we can take from it as business owners is that it was avoidable.
A Cybersecurity Framework
A cyber security framework is a set of guidelines or a template that outlines policies and procedures you can use in your business. These frameworks will help you establish and maintain your cybersecurity posture. When a framework is applied, your cybersecurity resilience improves, and the risk of a cyber attack is minimised. The framework we use at T4 Group is the ASD Essential Eight, and this our “North Star” when it comes to cybersecurity.
In this world where businesses need to store not only delicate financial information but also medical data (thanks to mandatory Covid vaccinations), implementing the best professional data security and privacy protection is a no-brainer.
If you’d like to book an immediate cybersecurity audit for your business, please call our office on 1300 765 014.
Don’t become complacent. No business is too small!
REMEMBER: PREVENTION IS ALWAYS BETTER THAN CURE.
Iain Enticott | T4 Group | www.t4group.com.au