The government is preparing to take action to allow Optus to share data on customers hit by a massive cyberattack with banks, warning the breach could spark an increase in fraud and fraud.
With millions of customers potentially exposed to a cyberattack on Optus last week, Home Secretary Clare O’Neil signaled on Saturday that the government was working on a policy response to the hack.
It is expected that the first step in this response will be to find a way to enable Optus to share data about affected customers with banks so that precautions can be taken to protect against potential fraud.
“Australian companies must do everything they can to protect their customers’ data. I will have much more to say about the Optus cyberattack in the coming days and what steps need to be taken going forward,” O’Neil wrote on Twitter on Saturday.
Banking industry sources, who are not authorized to speak publicly, said a key risk is that personal information obtained by the Optus hackers could be used to make fraudulent applications to banks or scam customers.
They said there had been discussions about how companies hit by a cyberattack – like Optus in this case – could quickly share a list of affected customers with banks so the banks could take their own precautions. It is not clear whether the government’s proposed changes will require legislation.
Banks have long been major targets for cybercriminals, and some have stepped up surveillance for suspicious activity following the Optus hack.
Westpac, for example, urged customers to watch for an increase in scam and fraud activity in the wake of the hack, saying criminals could be “highly opportunistic.” “Our fraud prevention and security teams are taking steps to improve monitoring and apply tighter security measures where appropriate,” a statement on Westpac’s website reads.
A spokesman for the Australian Banking Association said banks were monitoring developments closely but Optus customers should contact the telecom company for the most up-to-date information. “Banks remain vigilant against scams and fraud and are closely monitoring systems and processes following the reported cyberattack on Optus that resulted in the disclosure of customer information,” the spokesman said.
https://www.smh.com.au/business/companies/optus-data-could-be-shared-with-banks-to-head-off-fraud-risk-20220925-p5bkuk.html?ref=rss&utm_medium=rss&utm_source=rss_business Optus data could be shared with banks to prevent fraud risks