Cyber Security: Optus Breach
You may have heard about the recent Optus data breach and you may be wondering what this means for CSC.
29 Sep 2022
What happened?
It was announced on 22 September that the personal details of up to 9.8 million Optus customers were stolen during a massive data breach. Optus confirmed that these details may have included names, dates of birth, phone numbers, email and home addresses, drivers license and passport numbers.
Are my accounts with CSC impacted?
There has been no impact to CSC's systems or information following the cyber-attack against Optus.
However, if you are an Optus customer unauthorised third parties may now have your personal credentials and might attempt to access your personal accounts, which could include your super.
What is CSC doing to protect me?
Keeping our members' funds and data safe is our top priority and we are closely monitoring the situation regarding the Optus breach. We have security systems in place to proactively monitor threats and prevent any of our members' information becoming compromised. We are constantly monitoring for any CSC information associated with data-breaches.
We have also implemented additional identification checks for anyone calling or emailing us about their account. This includes asking you to verify information that only we are likely to have on file for you – such as your CSC account number and your current employer.
What can I do to protect myself?
For CSC members that hold an account with Optus, we advise that you remain alert to anything suspicious on your online accounts and follow best security practices. You can do this by:
- Changing your online passwords to something strong and unique to secure your personal information. Changing your online passwords regularly is also key to keeping your accounts secure.
- Enabling multifactor authentication wherever possible. This means that even if an attacker got your username and password, they would need another method of authentication to access your account.
- Look out for any suspicious or unexpected activity across your accounts or any suspicious emails, texts or calls. Refrain from clicking on any links that look suspicious and never give out your passwords or personal information.
- Consider placing limits on your bank accounts, or contact your bank to ask how you can secure your money.
- Checking for any updates from Optus. Optus is posting ongoing updates on the situation on their website, optus.com.au.
- Opt for additional security on your account where possible. At CSC, we offer different levels and types of additional security. Please contact us via the details provided below if you would like any of these implemented:
- A verbal password that must be provided in all voice interactions. This is available to all CSC customers.
- A stop benefit flag on your account to prevent benefit payments. This is available to contributing and preserved CSC customers.
- Being added to the pension monitoring list, which will monitor for changes to your contact details or bank account details against a point in time. This is available to pensioners only.
- Disabling your online account completely. This is available to all CSC customers.
CSC is encouraging our members to look at reputable sources, such as the OAIC, ACSC and ACCC to protect themselves against fraud.
If you believe your identity might have been compromised, visit IDCARE's website or call them on 1800 595 160. IDCARE—Australia's national identity and cyber support service—has been engaged by Optus to support those who have been impacted by fraud.
I have further questions, who do I contact?
If you are concerned about your personal information or suspect unauthorised activity, please contact us using the details below, or email CSC's Fraud Reporting at fraudreport@csc.gov.au.