Welcome to the Australian Ford Forums forum.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and inserts advertising. By joining our free community you will have access to post topics, communicate privately with other members, respond to polls, upload content and access many other special features without post based advertising banners. Registration is simple and absolutely free so please, join our community today!

If you have any problems with the registration process or your account login, please contact us.

Please Note: All new registrations go through a manual approval queue to keep spammers out. This is checked twice each day so there will be a delay before your registration is activated.

Go Back   Australian Ford Forums > General Topics > Non Ford Related Community Forums > The Bar

The Bar For non Automotive Related Chat

Reply
 
Thread Tools Display Modes
Old 22-09-2022, 09:04 PM   #1
EBSXR6
FF.Com.Au Hardcore
 
EBSXR6's Avatar
 
Join Date: Jun 2010
Location: Melbourne
Posts: 1,597
Default Optus Data Breach

https://www.abc.net.au/news/2022-09-...ers-/101466036
EBSXR6 is offline   Reply With Quote Multi-Quote with this Post
Old 23-09-2022, 08:31 AM   #2
russellw
Chairman & Administrator
Donating Member3
 
russellw's Avatar
 
Join Date: Dec 2004
Location: 1975
Posts: 107,331
Community Builder: In recognition of those who have helped build the AFF community. - Issue reason: Raptor: For Continued, and prolonged service to the wider Ford Community 
Default Re: Optus Data Breach

It's way at the more serious end of the scale if only because (unlike most breaches) it includes identifying information including addresses and (in some cases) ID document details.

I'm sure their head of IT Security will be looking for a new job shortly.

These companies (and Government organisations too) insist on being given our personal data and think that an apology is sufficient when they fail to actually protect that data from malicious agents - well it's not.
__________________

__________________________________________________

Observatio Facta Rotae



Last edited by russellw; 23-09-2022 at 08:48 AM.
russellw is offline   Reply With Quote Multi-Quote with this Post
Old 23-09-2022, 08:49 AM   #3
tweeked
N/A all the way
 
tweeked's Avatar
 
Join Date: Apr 2008
Location: Melbourne
Posts: 3,459
Default Re: Optus Data Breach

Yeah, losing control of passwords is one thing, a pain for everyone to change but pretty simple. Changing your name and date of birth so your ID cannot be used in the future.....that is a bit trickier.
__________________
BA GT
5.88 litres of Modular Boss Powered Muscle
300++ RWKW N/A on 98 octane on any dyno, happy or sad, on any day, with any operator you choose - 12.39@115.5 full weight

tweeked is offline   Reply With Quote Multi-Quote with this Post
7 users like this post:
Old 23-09-2022, 10:52 AM   #4
jaydee
FF.Com.Au Hardcore
 
jaydee's Avatar
 
Join Date: Feb 2007
Location: Perth
Posts: 7,238
Default Re: Optus Data Breach

Quote:
Originally Posted by russellw View Post
It's way at the more serious end of the scale if only because (unlike most breaches) it includes identifying information including addresses and (in some cases) ID document details.

I'm sure their head of IT Security will be looking for a new job shortly.

These companies (and Government organisations too) insist on being given our personal data and think that an apology is sufficient when they fail to actually protect that data from malicious agents - well it's not.
Exactly, "All care taken, blah blah blah"
Meanwhile some poor schmuck gets hacked, identity stolen, frauds committed in your name and you have to clear your name and credit rating.
Then one day you're at a plane terminal somewhere and get arrested, chucked in prison.
It can take years to sort out.
Just not good enough.
__________________
jaydee351
4DV8
jaydee is offline   Reply With Quote Multi-Quote with this Post
3 users like this post:
Old 23-09-2022, 11:10 AM   #5
marty351
Shenanigans..............
 
marty351's Avatar
 
Join Date: Mar 2007
Location: Footscrazy
Posts: 12,502
Default Re: Optus Data Breach

In these circumstances, and in this age of cyber-everything; Is "plausible deniability" a legal protection recognised in law, especially when so much evidence can be used to prosecute or defend this situation?
marty351 is offline   Reply With Quote Multi-Quote with this Post
Old 23-09-2022, 11:23 AM   #6
gutza
FF.Com.Au Hardcore
 
Join Date: Jul 2006
Posts: 754
Default Re: Optus Data Breach

Myself and my family have been with Vodafone for many, many years.

It always bugged me when upgrading, they would want to photocopy my D/L, Medicare, Debit/Credit card.

I know the authorities need to track potential criminal activities on the phones, but still ......

Anyway, in 2019, it finally happened ( although on a smaller scale ). Luckily we were not affected.

The owner of the Vodafone store in Tuggeranong (Canberra), was implicated and finally convicted of involvement in ID theft.

Here's a short news article for anyone interested.

https://the-riotact.com/former-vodaf...-scheme/529872
gutza is offline   Reply With Quote Multi-Quote with this Post
This user likes this post:
Old 23-09-2022, 11:43 AM   #7
Citroënbender
DIY Tragic
 
Citroënbender's Avatar
 
Join Date: Apr 2018
Location: Sydney, more than not. I hate it.
Posts: 22,512
Chairman's Award: Chairman's Award - Issue reason: Your outstanding contributions to this community have not gone unnoticed. IN my view you are a worthy recipient of the (rarely used) Chairman's Award. 
Default Re: Optus Data Breach

The prospect of a major data breach is something I definitely worry about and these events totally (IMO) justify concerns about safety of data vested with others who are often all but inaccessible to the Everyman.

My next pondering on the Optus fail, is how many of the leaked data sets were kept “just because they could” - no longer current customers, retention periods outside of legal requirements.

Quote:
Originally Posted by marty351 View Post
In these circumstances, and in this age of cyber-everything; Is "plausible deniability" a legal protection recognised in law, especially when so much evidence can be used to prosecute or defend this situation?
With governments increasingly reversing the onus of proof, I don’t fancy your chances. Add “trial by social media” and if you’re painted black, you’re finished - whether fair or not.
Citroënbender is offline   Reply With Quote Multi-Quote with this Post
3 users like this post:
Old 23-09-2022, 12:15 PM   #8
russellw
Chairman & Administrator
Donating Member3
 
russellw's Avatar
 
Join Date: Dec 2004
Location: 1975
Posts: 107,331
Community Builder: In recognition of those who have helped build the AFF community. - Issue reason: Raptor: For Continued, and prolonged service to the wider Ford Community 
Default Re: Optus Data Breach

As it currently stands in Australia, there is no repercussions against a company from a legislative standpoint unlike the EU model GDPR regulations which have stiff fines that peak at €10M but are doubled if there is negligence involved.

Likewise, some Europen countries have introduced criminal liability that can result in the prosecution of those deemed to have been negligent.

Apart from the damage to the Corporate reputation, there have also been successful class actions for 'damages' in other countries and there is a current one against Optus in Australia for a much smaller data breach in 2019.
__________________

__________________________________________________

Observatio Facta Rotae


russellw is offline   Reply With Quote Multi-Quote with this Post
5 users like this post:
Old 27-09-2022, 09:37 AM   #9
FroudeyBrand
Regular Member
 
Join Date: Feb 2015
Location: Bathurst NSW
Posts: 147
Default Re: Optus Data Breach

I find it funny that its quite a coincidence that days before the leak, someone used my licence to open up a up.com (bendigo bank) bank debit account.
FroudeyBrand is offline   Reply With Quote Multi-Quote with this Post
Old 27-09-2022, 04:51 PM   #10
mondeomatureguy
FF.Com.Au Hardcore
 
Join Date: Aug 2019
Location: Goulburn NSW
Posts: 513
Default Re: Optus Data Breach

Hi Guy's
This is a very worrying thing that has happened with Optus. Its the older people like my mother inlaw who in her 80s that iam worrying about.
My wife phoned her and told her not to answer any e-mails, or txts and phone calls that she didnt know the number.

To go in person to a Optus Office and get details then go to your bank and have a chat with them.
I heard on the Radio that you can go and change your driver's Licence number just by going to a Service First Office.
mondeomatureguy is offline   Reply With Quote Multi-Quote with this Post
Old 27-09-2022, 05:43 PM   #11
GT1533
Regular Member
 
Join Date: Jan 2018
Posts: 88
Default Re: Optus Data Breach

According to the ABC, changing your license number is quite difficult.


https://www.abc.net.au/news/2022-09-...bers/101475118
GT1533 is offline   Reply With Quote Multi-Quote with this Post
This user likes this post:
Old 27-09-2022, 05:59 PM   #12
mad2
Regular...with metamusal
Donating Member2
 
Join Date: Oct 2009
Location: Geeeloong
Posts: 6,648
Default Re: Optus Data Breach

Quote:
Originally Posted by GT1533 View Post
According to the ABC, changing your license number is quite difficult.


https://www.abc.net.au/news/2022-09-...bers/101475118

depending on your state. think i read earlier that in vic it's a case of give us a call when someone has drained your account.......
mad2 is online now   Reply With Quote Multi-Quote with this Post
Old 27-09-2022, 06:05 PM   #13
JasonACT
Away on leave
 
Join Date: Apr 2019
Location: ACT
Posts: 1,735
Tech Writer: Recognition for the technical writers of AFF - Issue reason: Outstanding work on the FG ICC issues. Technical Contributor: For members who share their technical expertise. - Issue reason: The insane amount of work he has put into the Falcon FG ICC is unbelievable. He has shared everything he has done and made a great deal of it available to us all. He has definitely helped a great deal of us with no personal gains to himself. 
Default Re: Optus Data Breach

It was reported today (though I think I saw it on the DailyMail - so.....?) that the people involved have deleted the archive and apologised for releasing 10,000 individual's private details.

https://www.dailymail.co.uk/news/art...sell-data.html
JasonACT is offline   Reply With Quote Multi-Quote with this Post
Old 27-09-2022, 06:12 PM   #14
T3rminator
FF.Com.Au Hardcore
 
T3rminator's Avatar
 
Join Date: Jul 2005
Location: Melbourne
Posts: 6,931
Default Re: Optus Data Breach

Quote:
Originally Posted by russellw View Post
I'm sure their head of IT Security will be looking for a new job shortly.
That person is a relatively recent recruit from the Bank of England. That may save him. I think it will largely depend on how he handles this incident, rather than be responsible for letting the incident happen in the first place.

Their old CISO left in August, and only updated his Linkedin profile to say so a few days ago...after the hack!

Quote:
Originally Posted by russellw View Post
As it currently stands in Australia, there is no repercussions against a company from a legislative standpoint unlike the EU model GDPR regulations which have stiff fines that peak at €10M but are doubled if there is negligence involved.
I think the OAIC can issue penalties. https://www.oaic.gov.au/about-us/our...ivil-penalties

And being a publicly listed company, I think ASIC may be able to apply some form of penalty as well.
__________________
~~~~~~~~~~~~~~


Rides (past and present)
Current: 2004 Ford Falcon 5.4L 3v Barra 220, Manual
Past: Mitsubishi Sigma (m), Toyota Seca (m), Toyota Seca SX (m), Toyota Vienta V6 (m), Toyota Soarer 4L v8 (a), BA XR8 ute (m), T3 TE50 (m), BMW Z4 (m)

AFF motto - If contrary views trigger, please use ignore button.

Last edited by T3rminator; 27-09-2022 at 06:22 PM.
T3rminator is online now   Reply With Quote Multi-Quote with this Post
Old 25-11-2022, 07:59 AM   #15
mad2
Regular...with metamusal
Donating Member2
 
Join Date: Oct 2009
Location: Geeeloong
Posts: 6,648
Default Re: Optus Data Breach

Quote:
Originally Posted by GT1533 View Post
According to the ABC, changing your license number is quite difficult.


https://www.abc.net.au/news/2022-09-...bers/101475118


i now have the 'temp' licence decal whilst waiting for my new licence . . ....
mad2 is online now   Reply With Quote Multi-Quote with this Post
This user likes this post:
Old 25-11-2022, 09:56 AM   #16
Itsme
Experienced Member
 
Itsme's Avatar
 
Join Date: Sep 2006
Location: Australasia
Posts: 7,683
Default Re: Optus Data Breach

Quote:
Originally Posted by mad2 View Post
i now have the 'temp' licence decal whilst waiting for my new licence . . ....
I now have received the new licence from Vic Roads which is a big relief for me, now I'm weighing up my option who will be my new internet & mobile phones provider.
Itsme is offline   Reply With Quote Multi-Quote with this Post
This user likes this post:
Old 25-11-2022, 12:20 PM   #17
xkxlxm
FF.Com.Au Hardcore
 
Join Date: Jan 2019
Posts: 575
Default Re: Optus Data Breach

I was a little bit surprised, when the Optus thing happened, to hear the CEO (?) say: "I am angry that there are people out there who will do this to our customers." (or words very close to that)

It seemed to show a very naive level of thought for someone in such a senior position. Of course these people are out there and it's your job to do everything possible to stop it happening.
xkxlxm is offline   Reply With Quote Multi-Quote with this Post
3 users like this post:
Old 26-11-2022, 04:48 PM   #18
T3rminator
FF.Com.Au Hardcore
 
T3rminator's Avatar
 
Join Date: Jul 2005
Location: Melbourne
Posts: 6,931
Default Re: Optus Data Breach

Quote:
Originally Posted by xkxlxm View Post
I was a little bit surprised, when the Optus thing happened, to hear the CEO (?) say: "I am angry that there are people out there who will do this to our customers." (or words very close to that)

It seemed to show a very naive level of thought for someone in such a senior position. Of course these people are out there and it's your job to do everything possible to stop it happening.
Train wreck interview. From what I have heard, the bad guys didn't have to "hack". A series of bad practices meant the data was made available on the internet. The bad guys just had to find it and take it.
__________________
~~~~~~~~~~~~~~


Rides (past and present)
Current: 2004 Ford Falcon 5.4L 3v Barra 220, Manual
Past: Mitsubishi Sigma (m), Toyota Seca (m), Toyota Seca SX (m), Toyota Vienta V6 (m), Toyota Soarer 4L v8 (a), BA XR8 ute (m), T3 TE50 (m), BMW Z4 (m)

AFF motto - If contrary views trigger, please use ignore button.
T3rminator is online now   Reply With Quote Multi-Quote with this Post
Old 26-11-2022, 05:35 PM   #19
roKWiz
Cabover nut
 
roKWiz's Avatar
 
Join Date: Aug 2015
Location: Onsite Eastcoast
Posts: 11,324
Default Re: Optus Data Breach

Not really sure why we are so surprised about this, reckon it's only the tip of the iceberg before we see more state sponsored hacker having their way.
__________________
heritagestonemason.com/Fordlouisvillerestoration
In order that the labour of centuries past may not be in vain during the centuries to come...... D. Diderot 1752

roKWiz is offline   Reply With Quote Multi-Quote with this Post
2 users like this post:
Old 27-11-2022, 02:55 PM   #20
J Arthur Rank
Regular Member
 
Join Date: Jun 2015
Posts: 415
Default Re: Optus Data Breach

A big part of the problem is the people in charge of these big (and small) companies have no idea about IT security or even IT principles in general - hence a dumbarse comment like the CEO made.
J Arthur Rank is offline   Reply With Quote Multi-Quote with this Post
Reply


Forum Jump


All times are GMT +11. The time now is 07:34 PM.


Powered by vBulletin® Version 3.8.5
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Other than what is legally copyrighted by the respective owners, this site is copyright www.fordforums.com.au
Positive SSL