Another cyber attack in Australia with hackers gaining access to Medicare, ATO, bank details


Security firm G4S is the latest company to be hit by hackers in Australia following the massive Optus hack.

Current and former Australian employees of the firm have been told that their tax file numbers, bank account information and medical checks were stolen and posted online in a ransomware attack.

It is believed the breach relates to an attack by hackers on Port Phillip prison in Victoria in early July.

However, the firm only learned the data was posted online in mid-September and only informed staff about compromised data on Tuesday.

Although the attack occurred at Port Phillip Prison, the hackers were able to access the company’s entire network in Australia.

It is unknown how many staff were affected by the breach.

Current and former Australian employees of G4S have been told that their tax file numbers, bank account information and medical checks were stolen and posted online in a ransomware attack

It is believed the breach relates to an attack by hackers on Port Phillip prison in Victoria in early July

It is believed the breach relates to an attack by hackers on Port Phillip prison in Victoria in early July

The data obtained included employee names, addresses, dates of birth, contact details, police and medical checks, tax file numbers, bank account details, superannuation information, Medicare numbers and licence details.

In some cases, payslips, health information shared with the company, and details about Workcover claims or incident reports were also stolen.

The company said the data was not easily accessible and told employees it had taken action to prevent the third party continuing to access G4S systems and was working with the Australian Cyber Security Centre (ACSC).

G4S has been approached for comment by Daily Mail Australia.

It previously told the Guardian it was continuing ‘to work with impacted individuals to offer them full support’.

G4S advised those affected on how to replace their identity documents but did not offer to pay for the replacements or provide credit monitoring. 

Meanwhile, an employment agency has also been hit by another data breach similar to the Optus hack.

Personal documents such as photos of passport pages and Covid-19 vaccination certificates were accessed in the hack.

Photos of identity documents – including driver’s licences – of hundreds of thousands of the company’s clients were also made publicly available through Google image search results because users had uploaded their licences as their profile photo. 

Millions of angry Optus customers received this concerning text message on Sunday night

Millions of angry Optus customers received this concerning text message on Sunday night

Optus has confirmed the identification details of 2.1 million current and former customers were exposed in the recent cyberattack (pictured an Optus store in Sydney last week)

Optus has confirmed the identification details of 2.1 million current and former customers were exposed in the recent cyberattack (pictured an Optus store in Sydney last week)

The name of the employment agency has not been released. 

It comes after the massive Optus data hack, with the embattled telco giant on Monday shedding more details on the impact of the breach. 

Optus confirmed that the identification details of 2.1 million current and former customers have been exposed in the hack.

Around 1.2 million customers have had at least one number from a current and valid form of identification, and personal information compromised, including 150,000 from passports and 50,000 from Medicare cards.

Optus chief executive Kelly Bayer Rosmarin stated in a new video message that those 1.2 million customers should take action and have already been contacted. 

The remaining 900,000 who had expired IDs compromised, in addition to personal information may also need to action, pending updates from licensing authorities.

Around 7.7million customers haven’t had their personal details stolen and don’t need to take action but are urged to remain vigilant.

The names and email addresses of Telstra staff members were posted on the same forum the Optus breach data was posted on last week 

On Tuesday, it was also revealed that Telstra had suffered a massive data breach with hackers gaining access to the personal information of 30,000 current and former staff.

The names and email addresses of the staff members were posted on the same forum the Optus breach data was posted on last week.

Data unveiled included first names, last names and work email addresses of 30,000 Telstra employees who worked for the company prior to 2017.

It also included the information of 12,800 of employees still employed by the telco. 

Telstra’s group executive for transformation, communications and people Alex Badenoch wrote a note to staff on Saturday. 

She said the breach related to a third party programme that had previously provided Telstra’s Worklife NAB rewards program for staff.

What Optus has said about the breach:

How did this happen?

Optus was the victim of a cyberattack. We immediately took action to block the attack which only targeted Optus customer data. Optus’ systems and services, including mobile and home internet, are not affected, and messages and voice calls have not been compromised. Optus services remain safe to use and operate as per normal.

Has the attack been stopped?

Yes. Upon discovering this, Optus immediately shut down the attack.

We are now working with the Australian Cyber Security Centre to mitigate any risks to customers. We have also notified the Australian Federal Police, the Office of the Australian Information Commissioner, and key regulators.

Why did we go to the media first instead of our customers?

The security of our customers and their data is paramount to us. We did this as it was the quickest and most effective way to alert as many current and former customers as possible, so they could be vigilant and monitor for any suspicious activity. We are now in the process of contacting customers who have been impacted directly.

What information of mine may have been exposed?

The information which may have been exposed includes customers’ names, dates of birth, phone numbers, email addresses, and, for a subset of customers, addresses, ID document numbers such as driver’s license or passport numbers. Customers affected will be notified directly of the specific information compromised.

Optus services, including mobile and home internet, are not affected. Messages, voice calls, billing and payments details, and account passwords have not been compromised.

What should I do to protect myself if I suspect I am a victim of fraudulent activity?

We are not currently aware of any customers having suffered harm, but we encourage you to have heightened awareness across your accounts, including:

Look out for any suspicious or unexpected activity across your online accounts, including your bank accounts. Make sure to report any fraudulent activity immediately to the related provider.

Look out for contact from scammers who may have your personal information. This may include suspicious emails, texts, phone calls or messages on social media.

Never click on any links that look suspicious and never provide your passwords, or any personal or financial information.

How do I contact Optus if I believe my account has been compromised?

If you believe your account has been compromised, you can contact us via My Optus App – which remains the safest way to contact Optus or call us on 133 937 for consumer customers. Due to the impact of the cyberattack, wait times may be longer than usual.

If you are a business customer, contact us on 133 343 or your account manager.

How do I know if I have been impacted?

We are in the process of contacting customers who have been directly impacted.

Read more at DailyMail.co.uk