• expired

[QLD] Free New Qld Drivers Licence for Optus Data Breach Customers @ Qld Transport


If you've been notified by Optus (through email, text or account message) that your driver licence number has been exposed as part of the data breach, follow these steps:

  1. Bring the following documentation with you to a transport and motoring customer service centre:
    • your evidence of identity
      and
    • your Optus data breach communication for us to sight
      or
    • written notification from an enforcement authority such as Queensland Police Service.
  2. Your card/s will be replaced free of charge and you will receive them in the mail.

See Also: Driver License replacement schemes for other states.

QLD, SA, VIC, TAS, WA, NSW, NT


closed Comments

  • +204

    Optus should be paying for this. Not tax payers.

    • +33

      hope Optus get slapped with a big massive fine for this.

      • +8

        Apparently the maximum fine they can get is $2M under current law

        • +53

          Maximum fine is $2m + free Premier League for everyone for the next 10 years.

        • Yes, but it can be multiple years of $2M

        • +4

          my prediction:

          OAIC and other investigating bodies won't report back for 11 months
          we'll probably have a toothless royal commission as it seems we have one of those anytime anyone so much as farts
          press won't report on any of their findings much
          CISO collects bonus as normal
          and nothing changes

          CxO's need to start being actually responsible for their shit.

        • Yes, 2 mill for each person data breached. We know 10,000 details were released, so 2 mill x 10,000 lol

      • +27

        $2M max fine 'cause the laws are so weak. If this was the EU, they would be facing hundreds of millions in fines.

        • +25

          Yup exactly.

          And they've argued against deleting user data before any of this even happened in 2019 and 2020

          Australia needs a similar suite of laws to the GDPR.

          We simply cannot entrust foreign owned entities to follow data storage and protection laws of their own volition.

          They will always, always do as little as possible. At the lowest cost possible.

          Proper regulation needs to happen now!

          • +23

            @Telios: The data retention bill (2015) the last government introduced made it compulsory for telcos and ISPs to keep identifying information on all customers for a minimum of 2 years following account closure. Most ISPs argued against that because storing it is a pain in the ass and leads to risks like this.

            They’ve had to have ID of current customers since after Sept 11….

            Yet again more and more laws creating opportunities for crimes rather than actually solving it.

            The complete irresponsible handling of the data is all on Optus though.

            As well as higher fines for gross incompetence the government needs to move away from using static numbers to identify people and force some kind of token system via something like myGovID, if they’re going to insist on invading people’s privacy in the name of security anyway.

      • didn't NSW Health get "hacked" or "data breached" recently?

        would a fine change behaviours ?

        should someone in the company, resign over this ?

      • They would just pass it onto its customers :-(

    • +5

      They apparently will be issued the bill.

      • And the consumer will be issued with the Price Hike to pay for the CEO's holiday.

      • +47

        Optus has the obligation to secure our data, technically they should not store our data in the first place. Rumour is that they left the door open for people to just walk in and then walk out with our data

          • +15

            @foreverphoenix: So can we hate the hacker(s) and Optus at the same time??

            • -1

              @drhip: Yeah, all I’m saying is reserve at least 1% of the anger at the hacker/s.
              After all they intended to sell the data and threatened to do so - not very nice

              • +1

                @foreverphoenix: Then you need to show me who's the hacker first? I can't hate myself in the mirror!!!

              • +3

                @foreverphoenix: Half to 1%. That deescalated quickly.

            • @drhip: Apparently not, since people have been defending the hacker.

              • +1

                @TheRealCJ: The only argument one can make for the hacker is that they exposed Optus’ lax data management. But hey, good luck arguing that as a defence in a court of law lol

                • +14

                  @foreverphoenix: I do business with you and you demand for my ID, I give you my ID. Then you lose my ID and blame the person who took it from you… why would I have even 1% of my anger directed against someone else but you… ?

                  • @Elijah: Requirement to produce ID isn’t a business decision by telcos. It’s a statutory requirement required by law. There was a time telco companies didn’t ask for IDs. Until about ten years ago Optus never asked for IDs until the law changed requiring them to do so.
                    Second, Optus didn’t “lose” your ID, they negligently stored it - (also against the law). But there is a distinction between losing and having someone take it. So, Yes of course you can blame the person to a degree for helping themselves to it because the person didn’t have the right to help themselves to the information. It’s a crime to do that, just like helping oneself to a wallet left on a bench. Just cuz it’s there doesn’t mean it’s yours to help yourself to it. If you don’t want to accept these facts then good luck arguing against the law in a court cuz that’s what the law says. Look it up.
                    Don’t hate the messenger. I’m merely stating the law here. Why do you think the police contacted the FBI to find the people who did it? Cuz they were bored?

                    • @foreverphoenix: Believe the requirement is only to verify that there is a valid ID. This is why the ID should not leave the source (identity provider - digital or physical) and the service (Optus in this case) must only be recording whether it's true (valid) or false (not valid). Instead, by allowing the service to hold a copy of the data, you are making copies of the data that can then be compromised as it happened in this case.

                      • @PenGuinMighty: Well, that’s Optus’ f-up for not doing proper risk management. Still, it doesn’t justify taking other people’s personal info protected under the law. Two wrongs don’t make it right. Again, I’m not saying Optus should be absolved of wrongdoing. I hope they get a massive fine. All I’m saying is hey, Australian law disagrees with most of you and makes it a criminal offence to 1) to obtain/retrieve/hack the data 2) threaten to release it 3) actually release it 4) blackmail and ask for a bribe not to release it. That’s up to 10 years if I’m not mistaken! Crim lawyers can confirm.
                        Just saying what it is. Don’t hate the messenger.
                        Optus on the other hand, will not go to jail or have anyone working for it punished. Probably will only get a fine and possibly an earful of ‘don’t do it again’ from the comms ombudsman. That’s the sad part, but that’s the reality. If you don’t like what I’m saying call your nearest politician / senator and complain

                    • @foreverphoenix: My point being even that 1% of anger would never be directed towards the hacker…, and 100% against the company that stored my ID and lost it. Sorry no two ways to that, lest it be lost or taken…

      • No.

      • +3

        How would you feel if your bank left the door open overnight?

        • -7

          Of course I wouldn’t be happy. But I’d also be pissed at the dishonest thieves who help themselves to the money. Two wrongs don’t make it right.
          It’s like gun control. I’d reserve my anger at both the gunman and the gun manufacturer. Both are responsible at some level. Hey if you think I’m wrong, try arguing in the courts. That’s what the courts have decided in previous cases. i.e. shared responsibility

        • 24 hours banking…. but they don't leave their safe open like Optus - that's important.

          • @dlovep: That’s cuz money is more important than your personal data 😆

            • @foreverphoenix: Is that comment serious?

              The personal data can be used to steal your money..

              • -2

                @Caped Baldy: Sorry mate. To the banks it’s not. Money is more important. Forgot the banking commission? Did you not hear the f-ups from the bank? What’s more important to them now? Money or your personal data?

        • physical objects like money can be re-printed or replaced,
          but how are you going to Inception someone, the knowledge of your identity ?

          • -1

            @whyisave: Don’t be naive mate. Good luck arguing that with the bank. I challenge you to take this argument to the bank and see how it goes.

          • -1

            @whyisave: So can physical objects like IDs be reprinted and replaced. That’s what the states are doing aren’t they? Except in WA all states are going to reissue new IDs. And pass the costs to Optus. Cheaper to change IDs and pass the costs to Optus than to reprint money.

            • @foreverphoenix: the only thing 'physical' about an ID, is the plastic as its material composition.

              the information on an ID, is not 'physical' per se, but only exists as information,
              and it's an intangible aspect of the ID.

              i should have phrased it as tangible and intangible,
              because information by its nature, exists in minds and systems,
              ie. needs a physical medium to carry it.

      • +7

        So, blame the threat vectors, and not perform the due diligence?

        You are either a manager or a politician.

      • -7

        Wow so many hackers on this forum lol 😂

        • +3

          No, just people who aren't idiots. You can be angry at the company that failed to secure your information without loving hackers.

        • +2

          I think you work for Optus… lol 😂

      • +1

        At the very least the hacker has initiated a strong reform movement in Australia, a strong movement which will lead to stronger laws regarding privacy information retention. As much as I hate the hacker for leaking 10200 people's sensitive information, I am still glad that the hack will start stringent laws in Oz.

        The hacker himself said he wouldn't have done this if Optus had a safe contact way.

        • -3

          That’s what people say to lay off blame. I don’t buy it. Sorry. Two wrongs don’t make it right. I’m pissed off. Don’t get me wrong, and not happy my data has been breached. But like I said, it’s like the gunman situation. I blame the manufacturer (Optus) and the gunman (hacker).

          • @foreverphoenix: You need to research white hat

            • +2

              @belongsinforums: Are you saying the guy who retrieved the data, then threatened to release it unless a bribe was paid and demanded ransom, blackmailed a company, then actually released the data is a white hat hacker?

              • -1

                @foreverphoenix: Yes. Read the hacker's cancellation post

                • +1

                  @belongsinforums: So if I come to you, steal your IDs, then blackmail you, and demand money, or else I’ll release the info; then actually release your info to everyone and, then when police threaten me to find me and when I realise how big of a shitstorm it is, all of a sudden I conveniently have a change of mind and leave a shitty note with misspellings saying sorry - all is forgiven?
                  I’m in the wrong business. I should start hacking people and blackmail them cuz apparently it’s okay to do that according to everyone here

                  • +1

                    @foreverphoenix: It was such a shit excuse of an apology lmao. It's obviously some teenager who had no remorse until they realised the FBI and hundreds of cyber staff were onto him. "It wouldn't have happened if Optus had a bounty program"
                    Ummmm, he was just in it for the 1 million. He was so desperate for it that he upped the threats to 10k per day. Only when he realised that Optus would never have paid does he give up

        • +1

          ~9M out of ~11M customers (out of 25M population) is a pretty significant number of the current population.

          Is the "strong law" going to 'Inception' the information out of whoever has got this information ?

      • +8

        This was less a hack and more data harvesting.
        There was no sophistication to it.

      • The hacker is some random person in probably some third world country. Anger against them isn’t going to do much because the chance they’re found is slim and they’re unlikely to be able to pay for the damage they caused anyway. If you put your cash in the bank and they leave it unguarded behind a trash can in a poor neighborhood, it’s still wrong for someone to take it but they’re not going to cop the brunt of the anger.

        • Nope. The hacker is an Aussie from bogan areas of Australia. Hackers from third world countries don’t have bad grammar and spelling mistakes when they communicate ;)
          Didn’t you see their apology note?

          • @foreverphoenix: Spot on. Wonder why someone gave you - for it, you just stated the truth.
            A) Chick did it
            B) She was either under 20, scared shitless when the FBI got involved.
            C) Did nothing to gain from it, was so amateurish.

            Suddenly goes, nope not doing this anymore, too much paranoia, walks out the door goes back on her merry way.

      • +1

        People are pissed at Optus because they messed up. They are more pissed that Optus' response has been lackluster.

        As others have said, Optus has an obligation to secure our data. The relationship is between Optus and their customers. I don't like these hackers. But they are a reality. I assume companies with sensitive data are being tested all the time by hackers. There is an expectation that Optus secure the database of their customers' personal information (some of which we can't change). If this was a real sophisticated hack and Optus has done everything that is expected, then maybe we wouldn't be as pissed. But from what we know, this is not the case.

        • +1

          I agree. Again, not absolving Optus of their incompetence, tantamount to criminal neglect… I’d prosecute Optus if I was govt. Unfortunately probably ain’t gonna happen. At most they’ll get away with a fine and a ‘don’t do it again’ warning. Sad part is, they’ll do it again.
          Generally, actions following a mistake defines a company. They failed the basics.

          • @foreverphoenix: I think you hit the nail on the head with the other major reason why more people are pissed at Optus. They F up, but will get away with it.

            We have no idea who the hacker is and very unlikely they will be caught and prosecuted.

            Hate both hacker and Optus. Both will get away with it. But only Optus can and should do something to minimize the impact.

      • +1

        Why does Optus still have my data when I have not had an account with them since 2015?

        • Cuz they are a f-up. I’m in the same situation. If you owe them a cent they’ll keep tabs on you and chase you to the end of the world but won’t protect your data

          • @foreverphoenix: I think, my last bill I was in credit 8 bucks, def don't owe them a cent. So annoying hey, they are saying 2017, I switched to Telstra, May in 2015. So it's at least 2015.

      • Happy to hate the hackers if we know who the hackers are ..

      • +1

        Shouldn’t you be hating the hacker?

        Depends on what sort of effort was required to steal the data. From what I hear, a third party consultancy put all of prod data into non-prod then exposed it to a public facing API. For those who don't know what that means, it would be the same as if the bank took all their cash from their safe and left it at the front door, then wondered why it went missing. It is that level of incompetence.

    • +5

      My understanding is that Optus is not listed on ASX and not even an Australian company T_T

      • +5

        They are wholly owned by Singtel - a Singaporean company

        • +9

          who is partly owned by the Singapore Government

          hence the Federal Government will be dancing the political waltz …

      • Yes they are owned by Singapore Telecom. ST is owned by Temasek 51%.

    • +1

      They are. All costs are being forwarded to Optus.

  • +6

    Cmon NSW!

    • The $29 fee will be reimbursed by Optus apparently.

      • +3

        That's to change the card number, not the DL number though

        • It was only announced this evening.

        • Yes, pretty pointless with just card number change.

    • +2

      They've already given Optus Gladys. What else do you want?

      • They are demanding Muzeeb

      • haha…

        maybe there are now competitors for the CEO position?

  • +21

    Not enough being done about this

  • What does the mail look like? I used to be a customer, worried data has leaked. Can I try my luck for a licence?

    • +9

      If you were customer in the past 7 years consider it stolen.

      • +1

        Didn't get a mail however

        • Same email you used for optus? I thought I was safe but it went to a really old email…

        • The API could have leaked your data at any time

      • +9

        I haven't been an Optus customer for over 10 years and I still received the breach email…

        • +1

          They're still sending them out.

          Just got mine today… Lucky no ID but still has my DOB, Address and every other info that makes me me

          • @Koipanda: Do you know what the subject looks like?

            • @John Doh: Urgent update from Optus about your personal information

              • @Koipanda: Ok. Haven't got the mail yet. The only reason I got Optus was for that damn free tablet :(

                • @John Doh: Ha ha at least you got a tablet

                  I got nothing out of them except shit service, wasted time, and data leaked for free

                  • @p1723: I switched from Optus to yearly boost plans 2 years back, won't look back.

                    • @John Doh: I could've sold my own data and made more of a profit than what they're doing as compensation

          • @Koipanda: Only customers since 2017 (past 5 years) are affected by the breach.
            But yeah if you are a current customer or within 5 years, then you definitely are affected. Just haven't received it yet.

            • @xsacha: Probably affected, but even within the last 5 years not all had ID# stolen, if Optus’s logs are better than their security.

    • +2

      If you're like the majority of people, just search "Optus" in your email service (e.g. gmail). My subject line was "Urgent update from Optus about your personal information", but I just searched optus and it was recently sent 3 days ago.
