Are my bank accounts safe? How to know if you’ve been affected by the Optus or Medibank data breach
On 22 September 2022, Optus announced the personal data of up to 9.8 million Australian customers has been breached in a cyber attack. Since then, national banks have been on high-alert monitoring accounts for suspicious or fraudulent activity, and we've had another massive data breach with Medibank, where a reported 5.1 million customers had their details exposed.
Here’s how to know if you’ve been affected by the Optus or Medibank breach, and what you can do to keep your bank accounts safe.
What happened during the Optus data breach?
While we don’t know the specific details of how or why the attack happened, Optus notified the public on 22 September that a cyber attack on its systems was detected and stopped.
The “sophisticated” breach targeted Optus customer data and potentially affects up to 9.8 million Australians. The stolen data includes:
- Names
- Birth dates
- Email addresses
- Mobile numbers.
Additionally, a smaller subset of customers had their official ID numbers stolen, which includes passports, driver’s licences, and Medicare cards. This can leave them vulnerable to identity theft; attackers could theoretically pose as them and apply for credit cards, loans, and other forms of debt in their name.
However, Optus stresses the following data has not been breached:
- Messages (SMS and MMS).
- Voice calls.
- Account billing and payment details.
- Account passwords.
As such, there is no need to change your credit card or direct debit details on your Optus account just yet. We’ll explain more about how the breach may affect your bank account below.
Additionally, customers with mobile plans from GOMO may have had their data compromised since this carrier piggybacks off Optus’s network. Customers on other Optus MVNOs like Coles Mobile, Catch Mobile, and amaysim have not been affected, according to Optus.
What happened during the Medibank data breach?
On 12 October, Medibank reports it detected suspicious activity on its systems. While early reports suggested no data had been taken, an authentic ransom notice for customer data soon proved the incident was worse than the provider supposed.
Since then, Medibank announced cyber criminals did indeed access and view customer data, which may have been stolen by the hackers. Breached data points include the following:
- Name
Date of birth
Address
Phone number
Email address
In addition, the health claims data for roughly 160,000 Mediabnk customers has been compromised, including:
- Service provider name and location
Medical service locations
Codes associated with diagnoses and procedures
The leak applies to up to 5.1 million current and former Medibank customers.
Data that was not accessed includes:
- Payment details (include credit/debit cards)
Drivers licenses
Medicare card numbers
Health claims data for extras services, like dental, physio, optical, and psychological appointment.
This means there is no need to change your payment details with Medibank.
Up to 2.8 million ahm and 1.8 million international customers may have been implicated in the attack, too, with the criminals accessing data such as names, DOB, addresses, phone numbers, and email addresses, as well as:
- ahm Medicare numbers (without expiry dates)
International customers passport and visa details
Health claim details for 300,000 ahm and 20,000 international customers
Health provider details like name, provider number, and practice addresses.
Around 5,200 My Home Hospital (MHH) customers have had some data leaked, as well, such as personal and health claims data. Roughly 2,900 had their next of kin contact details were viewed, too.
How do I know if I’ve been affected by the Optus or Medibank data breach?
Both Optus and Medibank have been notifying affected customers via text, email, and post.
If you are a current or former Optus customer and haven’t yet been contacted about the breach, you can reach out safely via the My Optus app or by calling 133 937.
If you are a current or former Medibank customer and haven't yet been contact about the breach, you can reach out safely to the provider by calling 132 331 or visiting the Medibank cyber incident hub , where Medibank has collected details of further support services.
Optus and Medibank have both explicitly stated they will not send links in official communications about the attack. Scammers will often pose as the government or companies in the fallout of a data breach, asking you to confirm your personal details to check if they’ve been compromised. Be wary of suspicious and out-of-the-blue communications, and never give out personal details online or over the phone.
For more detailed information on how to clock potential scams, head over to the ACCC’s Scamwatch .
How to keep your bank accounts safe after a data breach
While bank account passwords and payment methods were not lost in the Optus and Medibank data breaches, email addresses, names, and phone numbers were. Scammers could use this information to either:
- Hack into your private accounts.
- Steal your identity.
- Spam you with fraudulent emails, texts, calls, or social media messages.
Australian banks are on high alert right now watching for fraudulent or suspicious activity. But if you’ve been affected by the attack, there are still a few simple steps you can take to protect yourself and your finances.
Firstly, change old passwords and enable multi-factor authentication (sometimes called two-factor authentication). If you’re worried about using your compromised phone number as a backup, apps like Google Authenticator make effective substitutes.
Secondly, apply for a free credit report to check if anyone could be running up debt in your name. If you notice fraudulent transactions, let your banking provider know ASAP so they can cancel the cards and stop the transactions. If your identity has been stolen, follow this checklist from the Australian government to recover and reestablish your identity.
Thirdly, get in touch with resources like IDCare , the official cybersecurity and identity support service of Australia and New Zealand. If you complete IDCare’s free Get Help form, a case worker will get in contact with you to offer personalised action plans and support.
Finally, monitor your accounts and be wary of scammers. After the data breach, millions of Australians will be feeling confused and vulnerable – which makes them perfect targets for scammers. Never click on suspicious links, keep an eye on your accounts, and if it sounds too good to be true, it usually is.
Looking for a safe place to park your money? Browse and compare savings accounts below.
Compare bank accounts
-
Everyday Options Account
$0.00
Apple Pay, Google Wallet, PayID
0.01% p.a.
Enjoy 0% foreign currency conversion fees on Visa Debit card purchases. Plus make an eligible purchase using your linked Visa Debit card to earn cashback at participating merchants. $0 monthly account keeping fees & the option to open up to 9 sub-accounts. Suncorp Bank (Norfina Limited ABN 66 010 831 722 AFSL 229882 Australian Credit Licence 229882). The SUNCORP brand and Sun Logo are used by Suncorp Bank (Norfina Limited) under licence and Suncorp Bank is not part of the Suncorp Group.
CompareCompareEveryday Options Account
Enjoy 0% foreign currency conversion fees on Visa Debit card purchases. Plus make an eligible purchase using your linked Visa Debit card to earn cashback at participating merchants. $0 monthly account keeping fees & the option to open up to 9 sub-accounts. Suncorp Bank (Norfina Limited ABN 66 010 831 722 AFSL 229882 Australian Credit Licence 229882). The SUNCORP brand and Sun Logo are used by Suncorp Bank (Norfina Limited) under licence and Suncorp Bank is not part of the Suncorp Group.
- account fee
- $0.00
- Payment Options
- Apple Pay, Google Wallet, PayID
- interest rate
- 0.01% p.a.
- ATM networks
- Suncorp
- What kind of card?
- Visa Debit
- Interest rate
- Balances from $0: 0.00% p.a.
Balances from $1: 0.01% p.a.
- Fee free transactions
- Unlimited free transactions from own-bank ATM, atmx ATM, Big 4 banks ATM, EFTPOS, counter withdrawals, counter deposits, phone and internet
Read reviews and learn more about Suncorp bank accounts
-
Glide Account
$0.00
Apple Pay, Google Wallet, PayID, Samsung Pay, Garmin Pay
0% p.a.
Unlimited free internet transactions. Super fast transfers & use Apple Pay, Google Pay and Samsung Pay. No account keeping fees. Access Any Major Bank & MyState Bank ATM Fee-Free.
CompareCompareGlide Account
Unlimited free internet transactions. Super fast transfers & use Apple Pay, Google Pay and Samsung Pay. No account keeping fees. Access Any Major Bank & MyState Bank ATM Fee-Free.
- account fee
- $0.00
- Payment Options
- Apple Pay, Google Wallet, PayID, Samsung Pay, Garmin Pay
- interest rate
- 0% p.a.
- ATM networks
- MyState
- What kind of card?
- Visa Debit
- Interest rate
- Balances from $0: 0.00% p.a.
- Fee free transactions
- Unlimited free internet transactions.
Read reviews and learn more about MyState Bank bank accounts
-
Mozo experts choice awards won:
- Exceptional Everyday Account - 2024
Orange Everyday
$0.00
Apple Pay, Google Wallet, PayID, PayTo
0% p.a.
The everyday bank account that could pay you for paying bills. Get 1% cashback on eligible utility bills (up to $100), $0 ING international transaction fees, and up to 5 rebated ATM withdrawals a month here or overseas (T&Cs apply) and no monthly fees to pay. Mozo Experts Choice Awards Everyday & Savings Bank of the Year winner for 2024.^
CompareCompareOrange Everyday
The everyday bank account that could pay you for paying bills. Get 1% cashback on eligible utility bills (up to $100), $0 ING international transaction fees, and up to 5 rebated ATM withdrawals a month here or overseas (T&Cs apply) and no monthly fees to pay. Mozo Experts Choice Awards Everyday & Savings Bank of the Year winner for 2024.^
- account fee
- $0.00
- Payment Options
- Apple Pay, Google Wallet, PayID, PayTo
- interest rate
- 0% p.a.
- ATM networks
- None
- What kind of card?
- Visa Debit
- Interest rate
- Balances from $0: 0.00% p.a.
- Fee free transactions
- Access 1% cashback on eligible utility bill payments (up to $100 per financial year), rebates on ATM fees for the first 5 fee incurring withdrawals (domestic). When you deposit at least $1,000 from an external bank account and make at least 5 card purchases using your ING debit card each month.
Read reviews and learn more about ING bank accounts
-
Everyday Global Account
$0.00
Apple Pay, Google Wallet
0% p.a.
Enjoy $0 monthly account fees and international fees, with no minimum deposit or balance requirements. Buy, hold and spend in 10 currencies (AUD included) and earn 2% cashback for purchases under $100 (T&C’s apply). Mozo's Experts Choice 2024 winner for Exceptional Everyday Account.^
CompareCompareEveryday Global Account
Enjoy $0 monthly account fees and international fees, with no minimum deposit or balance requirements. Buy, hold and spend in 10 currencies (AUD included) and earn 2% cashback for purchases under $100 (T&C’s apply). Mozo's Experts Choice 2024 winner for Exceptional Everyday Account.^
- account fee
- $0.00
- Payment Options
- Apple Pay, Google Wallet
- interest rate
- 0% p.a.
- ATM networks
- HSBC
- What kind of card?
- Visa Debit
- Interest rate
- Balances from $0: 0.00% p.a.
- Fee free transactions
- Unlimited free transactions from HSBC ATMs, EFTPOS, phone, internet, BPAY and direct debits
Read reviews and learn more about HSBC bank accounts
-
Everyday Account
$0.00
Apple Pay, Google Wallet, PayID, Samsung Pay
0% p.a.
Enjoy an all in one transaction account with no monthly service fee designed to help you easily manage your money. Link to your Bendigo Bank home loan to offset your monthly interest. Unlimited internet and app banking transfers, and Bendigo Bank ATM withdrawals. Unlimited EFTPOS withdrawals and retail purchases within Australia
CompareCompareEveryday Account
Enjoy an all in one transaction account with no monthly service fee designed to help you easily manage your money. Link to your Bendigo Bank home loan to offset your monthly interest. Unlimited internet and app banking transfers, and Bendigo Bank ATM withdrawals. Unlimited EFTPOS withdrawals and retail purchases within Australia
- account fee
- $0.00
- Payment Options
- Apple Pay, Google Wallet, PayID, Samsung Pay
- interest rate
- 0% p.a.
- ATM networks
- Bendigo Bank
- What kind of card?
- Debit Mastercard
- Interest rate
- Balances from $0: 0.00% p.a.
- Fee free transactions
- Unlimited free transactions from own-bank ATM, EFTPOS, counter deposits, phone and internet
Read reviews and learn more about Bendigo Bank bank accounts
Your selected bank accounts
Your selected bank accounts
Your selected bank accounts
Your selected bank accounts
Your selected bank accounts
^See information about the Mozo Experts Choice Bank Account Awards
Mozo provides general product information. We don't consider your personal objectives, financial situation or needs and we aren't recommending any specific product to you. You should make your own decision after reading the PDS or offer documentation, or seeking independent advice.
While we pride ourselves on covering a wide range of products, we don't cover every product in the market. If you decide to apply for a product through our website, you will be dealing directly with the provider of that product and not with Mozo.