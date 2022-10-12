Australians are being urged to be vigilant as fraudsters step up illegal operations

The biggest data breach in Australian history has sparked an onslaught of scams, with consumer watchdogs warning Aussies not to engage in suspicious calls or messages.

The head of the Australian Competition and Consumer Commission (ACCC) said the regulator’s fraud team had received more than 600 complaints a day about the Optus breach.

ACCC chairwoman Gina Cass-Gottlieb said many fraudsters posed as Optus or Equifax Protect, the credit reference agency tasked with supporting victims of the breach, to defraud consumers.

Ms Cass-Gottlieb said the result is that customers feel ‘confused and anxious’ every time they receive a text or call, and demanded significantly more transparency from the telco.

“The message that we get from these reports is, firstly, that many consumers are confused about the information they are receiving or not receiving from Optus,” she told the House of Representatives’ Finance Committee on Tuesday.

‘They are anxious and they don’t feel they know. The impact on them and the risks they face and exactly what information about them has necessarily been disclosed.’

Two other regulators have now launched investigations into the Optus breach, including the Office of the Australian Information Commissioner (OAIC), which could hit the company with fines of $2.2 million per breach. breakup.

The most common scams include texts from Equifax asking people to check their details, which have been compromised due to the Optus hack, as well as texts from the telco itself and even bogus MyGov messages.

Ms Cass-Gottlieb said there had been a “material increase” in reports of fraud, with hundreds of cases coming across the ACCC’s desks every day.

‘Some [customers] have reported being contacted by parties saying they are Optus or parties saying they are Experian – the credit reference agency retained to provide some assistance – and in some cases saying they are MyGov ,” she said.

‘Because the data contains personal information, there is an opportunity for a fraudster to personalize a contact and also misrepresent who they represent.’

She said there had even been cases of fraudsters posing as Optus and stealing money from Australians after gaining access to their accounts.

The OAIC and the Australia Communications and Media Authority (AMCA) have confirmed they will investigate the breach of the 9.8 million customers who had their information stolen last month.

“The OAIC’s investigation will focus on whether the Optus companies took reasonable steps to protect the personal information they held against misuse, interference, loss, unauthorized access, alteration or disclosure,” the regulator said.

Angelene Falk, the OAIC’s privacy commissioner, said the review would be published ‘as soon as possible’.

“Australians have a right to know whether Optus had reasonable safeguards in place to protect their information at the time of the breach,” she said.

Optus has engaged Deloitte to review the breach, but will not publish its findings. Ms Falk said the telcos need to shift away from a model that puts the burden on customers and instead take responsibility for their system failures.

‘[We must] shift the dial away from the burden on individuals to navigate long and complex privacy policies and more on organizations to ensure there is a baseline standard for all personal information to be handled in a way that is fair and reasonable,’ she said.