State Govts Are Making Optus Fork Out For Millions Of New Driver’s Licences After Data Breach


Millions of Optus customers will be able to order new driver’s licences for free and Optus is expected to foot the multi-million-dollar bill.

The New South Wales, Victoria, Queensland and South Australia governments have said they’ll make the telco cough up to cover the cost of up to 9 million free driver’s licences after its customers’ personal data was compromised in a massive cyberattack, which experts have said was probably preventable.

NSW customer service minister Victor Dominello urged customers notified by Optus that their driver’s licence details had been hacked to apply for a replacement.

The $29 replacement fee will be reimbursed by Optus, he said.

The Victorian Government also said residents can get free licence number replacements and that they “will request Optus repays the cost of the new licences to the Victorian government”.

People can contact VicRoads to have their license record flagged for the future, which will prevent any unauthorised changes or access to individual information through the Victorian licence database.

Other states and territories are making similar arrangements.

To prove you were a victim of the hack you’ll just need to provide your state government authorities with an Optus data breach notice or written notification from an enforcement authority, along with evidence of identity for the new licence.

The cost to Optus could be tens of millions of dollars — far more than the $1 million the hacker originally demanded in ransom.

The account who claimed to be the Optus hacker apologised yesterday and said they had deleted all the data because there were “too many eyes” on them.

But this definitely won’t be the end of the road.

Optus said it would offer “the most affected current and former customers” free credit monitoring for up to 12 months via Equifax Protect.

But class actions senior associate at law firm Slater and Gordon Ben Zocco told Guardian Australia this was a “Band-Aid solution”.

“It does not address the continuing risk that customer data may be used by bad actors for identity theft or contacting vulnerable members of the community, such as domestic violence survivors, victims of stalking and other threatening behaviour, or asylum seekers,” he said.

“We are continuing to investigate available legal options for affected customers.”