Telco Optus has taken out full-page ads to apologise to customers as the fallout continues from a massive data breach affecting millions of Australians.
It remains unclear how many of the almost 10 million Optus customers impacted by the hack had identity details stolen, however it has been confirmed at least 10,000 parcels of ID data were put on the dark web.
In an advertisement that appeared in major newspapers on Saturday, Optus said the company was “deeply sorry” the cyber attack had happened on its watch.
“The attack was quickly shut down, and we are working closely with authorities to understand how this attack on your privacy occurred,” it said.
Australian Federal Police assistant Cyber Command commissioner Justine Gough admitted on Friday investigators were trying to tally the number of affected Optus customers.
The 10,000 people already confirmed as having their data exposed will be prioritised by a new AFP task force, Operation Guardian, established to shore up their security and prevent them from becoming victims of financial fraud.
Optus also revealed this week 14,900 valid Medicare ID numbers had been exposed in the hack, along with 22,0000 expired numbers out of the 9.8 million customer records stolen.
The telco says it has contacted customers who have had their data compromised by the cyber attack.
In its ad, Optus said its priority was preventing harm to customers and it was assisting those affected.
Several government figures have described the cyber attack as an unsophisticated exercise.
Prime Minister Anthony Albanese on Friday confirmed that Optus would pay for customers’ replacement passports.
He described the measure as ‘entirely appropriate’ saying taxpayers shouldn’t have to pay the $193 to replace each compromised document.
The telecommunications giant has already committed to covering the cost of issuing new driver’s licence numbers and is offering those eligible a one-year free subscription to credit monitoring service Equifax.
Opposition cyber security spokesman James Paterson said the passport replacement news was welcome for those at risk of identity theft and fraud.
“It’s now incumbent on the government to take immediate action to ensure the most vulnerable Optus victims can obtain new passports without further delay,” he told AAP.
Mr Albanese has also confirmed the government is reviewing the Privacy Act with a view to updating the laws by the end of the year.