Optus and Their Shabby Controls - Identity Theft Using Sim Swapping

gentlecrack on 11/03/2018 - 15:58
Last edited 11/03/2018 - 18:09

Someone swapped a SIM of one of my friends through Optus. It was transferred back before any financial damages, and Telecom Ombudsman and police complaints were raised by him.

Optus case officer promised all controls including a secure pin were in place to prevent a repeat, but he found out it was not the case by testing it out with Live chat the same evening.

Optus customer care promised they fixed the issue after escalation, but the next day the fraudster did sim swapping again, only by providing same two basic IDentification parameters, this time hacking into one of his credit card accounts.

Optus is now playing saying that he can get off the contract and leave for another service provider as his ID is compromised.

He’s looking for a lawyer to sue Optus. Any ideas on a good lawyer or reference to previous cases?

Mobile

Related Stores

Optus
Optus

Comments

  • toristo on 11/03/2018 - 16:23
    +1

    Sue Optus?
    What are the damages that he has incurred?

    • gentlecrack on 11/03/2018 - 18:05

      $6000 in credit card fraud.
      Potential personal information leakage.
      Possibility of further sim swap anytime.

      • Olokun on 11/03/2018 - 18:18
        +2

        $6000 in credit card fraud.

        This will be covered by the credit card provider. So no financial loss

        Potential personal information leakage.

        Potential is not actual. So no financial loss

        Possibility of further sim swap anytime.

        Replacement SIM cards are free. So no financial loss

  • Xetrok on 11/03/2018 - 16:25
    +4

    Your friend will get nothing from Optus except a large lawyer bill.
    They have deeper pockets than him and he suffered no real damages.
    They have offered a solution, breaking the contract and let them leave if he's not happy with them.

    • gentlecrack on 11/03/2018 - 18:06

      Why do you say he did not suffer real damages?

    • 0 jingle 0 on 11/03/2018 - 18:25

      Losing $6,000 sounds like real damages.

      Wouldn’t calling breaking the contract a solution if they were negligent in securing the service, even after a concern was raised and leading directly to the loss.

      • coco1458 on 11/03/2018 - 18:43

        You can prove it all you want but seeking liability for damages isn't worth it with such a small amount.
        Yes he's lost $6000, he'll get a portion of that back and a big fat lawyer bill. Did he really win?

        • gentlecrack on 11/03/2018 - 20:33

          Can he sue for the emotional stress? The entire past week he’s been worried everyday about getting up in the morning and seeing mobile in SOS, with mails from some Bank.

          Also how about the lack of proper controls on ones identity verification by Telcos?

          Going by what he said, it’s just a matter of getting ones Fullname and DOB to take a replacement sim in Australia, probably very easy with the social media presence of ppl these days.

          It’s a scary reality.

        • coco1458 on 11/03/2018 - 21:25

          @gentlecrack: Emotional Stress is a problem of it's own, how much value do you put on emotional stress?

          Lack of proper controls on identity verification wouldn't be challengeable as I believe that they would be acting within the law for that one

        • whooah1979 on 17/03/2018 - 09:18

          @coco1458:

          Emotional Stress

          It sounds like op’s friend is looking for a fat six figure settlement. The ones we see on USA tv shows.

  • Diji1 on 11/03/2018 - 16:41
    -8

    And this is what happens when the industry writes the legislation by paying off the pigs that were voted in by us. That's Liberal and Labour voters.

    Oh yeah and the Australian Government lost control of every Medicare No. in Australia.

    So that's yours if you have a Medicare No.

    • Baysew on 11/03/2018 - 16:53
      +6

      Off topic rant.

      OP is looking for a lawyer not a rubbish political announcement.

      He’s looking for a lawyer to sue Optus. Any ideas on a good lawyers or reference to previous cases?

    • Ryanek on 12/03/2018 - 08:19

      Further to this, my next door neighbor always leaves his bin out on my side of the nature strip.

  • kipps on 11/03/2018 - 17:07

    Has your friend lodged a complaint with the privacy commissioner?

    • gentlecrack on 11/03/2018 - 18:08

      Not sure, will ask him. He said he filed report with scamwatch, ACORN and Commonwealth certificate authority (don’t know what that means) in addition to TIO and police.

  • Xetrok on 11/03/2018 - 19:17

    So is the $6000 debt from Optus or elsewhere?
    What is the breakdown of the 6000?

    • gentlecrack on 11/03/2018 - 20:38

      From another credit card the password of which was reset using mobile number.

      • zambuck on 13/03/2018 - 09:03
        +1

        Much like mobile phone charges a fraudulent credit card charge isn't a loss until you actually pay it. Your friend should dispute through his bank the transactions he didn't make, and generally they'll allow him to not pay those charges unless the investigation shows your friend is liable. My experience is such an investigation takes around 45 days or more, but unless your friend did something stupid to lead to the fraud, which doesn't seem to be the case based on your description, the bank will reverse the charges and he'll never have to pay.

        Trying to sue Optus isn't likely to result in joy. Your friend won't have the deep pockets for lawyers that they do.

  • tebuman on 17/03/2018 - 08:54
    +1

    Same thing happened to me. Optus is absolutely hopeless. Someone ported my number out and took control of my bank accounts wiping out all my personal and joint savings. Optus refused to cooperate and denied any wrongdoing. Oh NAB aren't any better to.

    Luckily I got all my money back after a month. But I went through hell sorting everything out and the emotional stress was real.

    • gentlecrack on 17/03/2018 - 09:17

      Did you file a TIO complaint? I am very sure the controls are not in place for Optus as I was assisting my friend to try and see if there are still gaps in terms of their security and I found they are extremely poor in identity management. I did some testing with other telcos and major banks as well (my own accounts) to see if they would send me member numbers, passwords etc and results are shocking to say the least.

Login or Join to leave a comment
Login Join