In September 2022, Optus suffered one of the largest data breaches in Australian history. Nearly 10 million current and former customers had their personal information exposed โ€” roughly 40% of the Australian population.

What data was exposed?

The Optus breach exposed a wide range of personally identifiable information (PII), including full names, dates of birth, phone numbers, email addresses, home addresses, and for many customers โ€” passport and driver licence numbers.

Why was this breach so serious?

Unlike a simple password breach, the Optus breach exposed government ID numbers. This is the data needed for identity theft โ€” opening fraudulent bank accounts, applying for loans, or taking over existing accounts. A leaked password can be changed. A leaked passport number cannot.

Am I affected?

If you were an Optus customer at any point before September 2022, there is a strong chance your data was included. Optus notified customers directly, but many notifications went to old email addresses or were missed.

The best way to check your overall breach exposure is to use DataGuard AU’s free breach check, which cross-references your email against all known breach databases instantly.

What should you do right now?

  1. Check your credit report โ€” Request a free copy from Equifax, Experian, or illion. Look for accounts or enquiries you did not make.
  2. Place a credit ban โ€” Under Australian law, you can request a ban on your credit file to prevent new credit being issued in your name.
  3. Change passwords on sensitive accounts โ€” Especially banking, email, and government services (myGov).
  4. Enable two-factor authentication โ€” Particularly on your email and banking apps.
  5. Be alert to phishing โ€” Scammers used Optus breach data to target victims with convincing phishing emails and SMS messages.

Check your breach exposure now โ€” free, instant, no account required โ†’