[QLD] Free New Qld Drivers Licence for Optus Data Breach Customers @ Qld Transport

4140

[QLD] Free New Qld Drivers Licence for Optus Data Breach Customers @ Qld Transport

ciab on 27/09/2022 - 21:11 qld.gov.au (5952 clicks)
Last edited 29/09/2022 - 10:45 by 3 other users

If you've been notified by Optus (through email, text or account message) that your driver licence number has been exposed as part of the data breach, follow these steps:

Bring the following documentation with you to a transport and motoring customer service centre:
- your evidence of identity
  and
- your Optus data breach communication for us to sight
  or
- written notification from an enforcement authority such as Queensland Police Service.
Your card/s will be replaced free of charge and you will receive them in the mail.

See Also: Driver License replacement schemes for other states.

QLD, SA, VIC, TAS, WA, NSW, NT

Automotive Driver's Licence

Freebie
4 Dec 2023 7:16pm

Related Stores

Queensland Government

Optus

closed Comments

- - curryking69 on 27/09/2022 - 21:21
    
    -5
    
    If someone could send the mail and I just use that it would be helpful. I can't find it anywhere but then again I've had several mails thought the years.
    - IJustKnowStuff on 27/09/2022 - 21:24
      
      Yeah this is NOT the way. If you are actually worried, contact Optus.
      - curryking69 on 27/09/2022 - 21:27
        
        @IJustKnowStuff: Yeah that's understandable. However I heard from multiple people that managed to download the leak that there is more than what Optus has revealed. Is this true… A little worried.
      - darkmattersunB6c0MV on 27/09/2022 - 21:44
        
        @IJustKnowStuff: Contacted Optus.
        The people there are clueless. They scanned my d/l in 2019 as a pre condition to giving me SIM.
        Now cannot tell me if my data was part of the breach.
- FirstWizard on 27/09/2022 - 21:36
  
  I got an email which said that my name, DOB, phone number, address and email address has been compromised.
  But they didn't have my licence or other IDs on file so they have not been affected.
  - [Deactivated] on 27/09/2022 - 23:03
    
    They have the 100 points of ID on file for all current customers or former customers within the last 2 years by law. Older ex-customers they probably deleted the ID. That doesn’t necessarily mean the id for all customers was accessed depending on how it was stored.
    - quikstix on 28/09/2022 - 00:59
      
      +2
      
      i guess the real question is do we trust they actually even know what was compromised or if they making educated guesses based on what could be access from their process of investigation. Im changing my drivers licence anyway even though they state my ID wasn't affected
      - [Deactivated] on 28/09/2022 - 01:40
        
        @quikstix: You probably won’t be allowed to change it unless they say it has been compromised or it gets used in identity theft first. Until at least today you were never able to change the number except if proven it was used in identity theft.
        
        I don’t necessarily trust them but it would be much worse for them to tell people their ID # hadn’t been leaked only to be proven wrong. If their logs are reasonable then they should be able to tell and they are distinctly emailing people with tailored information. One hopes they actually have expert help now…..
        
        quikstix on 28/09/2022 - 01:56
        
        @[Deactivated]: what are you thinking their logs will show them? If we talking about their back end I would be surprised if it was more verbose than just a list of servers accessed… I would be very surprised if they know what data could be reached by those. This wasn't even really a hack, they removed auth from one of their API's and used real data for testing instead of fake info…
        
        https://securityboulevard.com/2022/09/optus-faces-1million-r…
yht on 27/09/2022 - 21:15

+15

Targeted ?
Yoopy on 27/09/2022 - 21:15

"your Optus data breach notice" is that the email?
USER DC on 27/09/2022 - 21:16

+3

Its not new driver's licence, its a new driver's licence number (aka with same name, address, and expiry date)
- stickyfingers on 27/09/2022 - 21:17
  
  +14
  
  But you'd get a new license card with the new number…
- xsacha on 27/09/2022 - 22:50
  
  -1
  
  If I have 2 months left, they'll give me a new card with 2 months expiry? Or can they round up to 1 year?
- G-rig on 28/09/2022 - 13:20
  
  Which requires printing a new licence, they wouldn't let you keep the old one with the wrong number on it, haha (and by new, it's a replacement card with new numbers, fairly easy to understand I would have thought). Won't get an extra 3y for free on ya license.
yht on 27/09/2022 - 21:16

+3

If you change DL, who will contact all individual companies that the old one has been registered with ? Or it will be done automatically ?
- [Deactivated] on 27/09/2022 - 21:18
  
  +3
  
  who do you have your drivers licence number registered with?
  - yht on 27/09/2022 - 21:22
    
    -1
    
    Mobile phone company, banks, etc that you gave DL details for verification
    - zelliot on 27/09/2022 - 21:24
      
      +16
      
      This is where the problem started!
    - [Deactivated] on 27/09/2022 - 21:24
      
      they shouldn’t be storing it after they verify you so this doesn’t happen
      - Fybre on 27/09/2022 - 21:32
        
        +3
        
        @[Deactivated]: I thought they legally have to keep your identification details for mobile devices.
        
        Applause on 27/09/2022 - 21:38
        
        +2
        
        @Fybre: I think so too. I think that’s why they ask you for id check when activating a SIM card. Kinda makes my previous telcos saving my licence number useless since I’ll get a new licence number and there’s nothing to cross reference
        
        [Deactivated] on 27/09/2022 - 23:09
        
        @Applause: It’s not for them, it’s for the government, they will still know who had the old one.
      - [Deactivated] on 27/09/2022 - 23:06
        
        @[Deactivated]: Telcos and ISPs are legally required to keep ID for all customers until minimum 2 years after account closure (longer in some circumstances) See the data retention bill (2015) passed by the last government (with no pushback from the then opposition.)
        
        Banks need to be able to ID their customers, so they’ll have to keep ID too. Once on signup then ‘forgetting’ isn’t enough.
- Ironic fear on 27/09/2022 - 21:18
  
  -4
  
  Onus is on you
- Jimothy Wongingtons on 27/09/2022 - 21:19
  
  +3
  
  I can’t think of anyone it would matter that you changed your license once you’ve been approved..
- Oyster59 on 27/09/2022 - 21:21
  
  +16
  
  Most of those companies probably have no good reason to hold on to your DL details after they verify your identity in the first place anyway. That's probably what's going to come out of this whole debacle.
- FirstWizard on 27/09/2022 - 21:40
  
  +2
  
  I don't think it's required for any other company to hold a valid drivers licence number on file.
  They just have to be satisfied that they have validated it the next time you do a transaction.
  
  Personally, I wouldn't give it to anyone. It's not like a TFN. They can get it from me the next time I do a transaction with them.
  - [Deactivated] on 27/09/2022 - 23:57
    
    +1
    
    All ISPs and Telcos must keep your 100 points of ID on file from sign up for all customers and for a minimum of 2 years after account closure (data retention bill 2015).
    
    Banks and financial institutions afaik have to keep it for all current customers. The government wants to keep tabs on people. Short of the odd pub all places you give your ID to are keeping it while you’re a customer. (And even some pubs/clubs keep ID too).
    
    What we should have is digital IDs that give a unique number every time it’s requested+given. That way leaks would be useless as the number couldn’t be reused to verify your identity with anyone else.
    - FirstWizard on 28/09/2022 - 08:24
      
      +1
      
      You're totally right. We need to have a system where no one is required to keep and ID only a confirmation issued by some agency that the ID presented is valid at the time.
      
      However, according the the Act you mentioned, section 187AA mentions what information to be kept, minimum requirement is your name and contact information. Anything else is not mandatory.
      
      Also for pubs and clubs, NSW has a check-in system now with their digital driver's licence. This is similar to the COVID check-in one where you scan a QR Code to sign in. But I'm not sure what information is stored by the venue. I've seen that they get a copy of my photo in the the driver licence on their system. Not sure if that gets stored.
- xsacha on 27/09/2022 - 22:51
  
  +4
  
  They DO NOT NEED your drivers licence. It is only required for SIGN UP. After this they need to delete this data.
  This is the problem!
  - [Deactivated] on 28/09/2022 - 00:01
    
    They are legally required to keep it from sign up until a minimum of 2 years post account closure. (Data retention bill 2015) The problem is we have a single unchanging number that we have to give to potentially dozens of companies. This doesn’t need to be the case in the digital age.
    
    If they only needed it on signup they wouldn’t need it at all, because if they didn’t keep it they couldn’t tell who you are after sign up because your id # is the only guaranteed unique thing they know about you.
- spaceflight on 27/09/2022 - 22:59
  
  Who gave it to them in the first place?
- [Deactivated] on 27/09/2022 - 23:12
  
  They don’t need to get your new one, they keep it on the government’s behalf, the government will still know who the old one belonged to, the old one just won’t be able to prove your identity going forward via automated ID check systems.
  
  (It’s a stupid system but it’s what we have)
tellhimhesdreaming on 27/09/2022 - 21:17

+3

Onya Qld, send Optus the bill after. Hope all other states/territories follow
- cycloneaussie on 27/09/2022 - 22:16
  
  Wouldn’t put it past Anna to add a “processing fee”
dealsforlife on 27/09/2022 - 21:18

+1

NSW and other states should follow soon, hopefully.
- gakko on 27/09/2022 - 21:23
  
  NSW already has (reimbursement from optus). VIC working on optus paying the bill upfront according to article in the age.
  - M00Cow on 27/09/2022 - 21:53
    
    +3
    
    I dunno if giving them Gladys counts as a reimbursement
bargainatoraah on 27/09/2022 - 21:18

+1

No way I already have a good number
sini180 on 27/09/2022 - 21:19

Hard to say with certainty however the 'hacker' has advised apart from the 10,000 + 200 records leaked no more will be published. If you're in the leaked 10,200 records certainly apply. The rest may never see the light of day….. or maybe it will.
- buffalo bill on 27/09/2022 - 21:28
  
  +12
  
  A malicious party stole the data. Regardless of what anyone says - consider it compromised.
  - sini180 on 27/09/2022 - 21:31
    
    Clearly, that's what I said it's hard say with certainty, as there is no certainty.
- M00Cow on 27/09/2022 - 21:55
  
  +1
  
  The rest may never see the light of day….. or maybe it will.
  
  Yes let's postulate whomever stole the data (there could be multiple) didn't keep a copy. Honourable thieves and all.
  - sini180 on 27/09/2022 - 22:19
    
    Pretty obvious I didn't say it was secure. I said the perpetrator said it's gone, take that as you may. Again, it may never see the light of day, or it may. There is no guarantee either way. If you're in the 10,200 your data is already leaked without question so these people don't have the ambiguity the balance of the 11 million do.
- F1Maniac on 27/09/2022 - 22:19
  
  How do we even know this is real? Just from reddit and forum post? There were several claims on twitters from known hacker groups that they have the data already few hours after the breach
  - sini180 on 27/09/2022 - 22:23
    
    You don't. Only the people with the data know. Everyone else is speculating on what is public.
Bangerbargain on 27/09/2022 - 21:19

Will they make the old license invalid if you get issued a new dl?
- Azro on 27/09/2022 - 21:56
  
  Sure.
Capitalshark on 27/09/2022 - 21:20

I heard on the news tonight that Optus will contact those that has a licence number breach (a very small number of the overall breach) and will pay for the replacement in their home state , but don’t quote me
- cycloneaussie on 27/09/2022 - 22:17
  
  +9
  
  I heard on the news tonight that Optus will contact those that has a licence number breach (a very small number of the overall breach) and will pay for the replacement in their home state , but don’t quote me
  
  Quoted
  - Jimothy Wongingtons on 27/09/2022 - 22:45
    
    +1
    
    r/madlads
- Korban Dallas on 27/09/2022 - 22:29
  
  Heard from? They haven't been honest with us.
  
  Hear the trainwreck interview on 2GB today?
dullbeard on 27/09/2022 - 21:21

+23

When you're an Ozbargainer and you have FOMO over not getting a new license number so you secretly wish your personal data had been hacked too
phatmonk on 27/09/2022 - 21:21

+7

This should be able to be done online - I shouldn't need to go into a centre to do this in 2022.

Either way, Optus should be blanket paying for new Driver Licenses and Passports for all customers.
- Jimothy Wongingtons on 27/09/2022 - 22:47
  
  +3
  
  Exactly - or should be billing optus for time spent in queue and having to take off time during work hours
- whyisave on 27/09/2022 - 22:56
  
  New passports, eh….? hmmmm….
- Plentiful3271 on 28/09/2022 - 00:26
  
  +2
  
  Can they pay for our new date of birth too?
patnn001 on 27/09/2022 - 21:22

SA Government also offers a free replacement.
txb on 27/09/2022 - 21:23

What does the email look like? Is it meant to be a generic? How will tmr verify..?
FDA2021 on 27/09/2022 - 21:23

+1

Does the optus breach also include the different carriers that are powered by optus, such as amaysim?
- sini180 on 27/09/2022 - 21:32
  
  No
- BeerCrisp on 28/09/2022 - 08:39
  
  I would say this depends, some that are white labelling Optus most likely have Optus do everything for them, including storing the data. I would think Amaysim would handle all of their own processes and obviously just use the Optus 4G network. But someone like Coles I would assume just white labels Optus and Optus handle everything in the customer journey.
countmein on 27/09/2022 - 21:24

:( nsw ?
- iBuzz7S on 27/09/2022 - 21:40
  
  +1
  
  $29 but it will be reimbursed by Optus =/
  
  The cost to replace your driver licence is $29 and will be charged by Service NSW at the time of application – reimbursement advice will be issued by Optus to customers in the coming days.
  
  https://twitter.com/VictorDominello/status/15746588111675310…
  
  I have a feeling this will change by the end of the week if a certain talkback radio host gets on Victor's back.
  - whyisave on 27/09/2022 - 22:57
    
    i think the reimbursement is ONLY after you need to apply for it.
    it's not an automatic reimbursement.
tigershark on 27/09/2022 - 21:27

+2

VIC price match when ?
- Maglia Nera on 27/09/2022 - 21:39
  
  +2
  
  yep it's happening !
  - fuzor on 27/09/2022 - 22:05
    
    I thought it was against the VicRoads policy.
    - effraye on 27/09/2022 - 22:08
      
      +1
      
      Yeh but they’ve realised their policy is actually pathetic
Angelscrap on 27/09/2022 - 21:27

+1

I've been already getting so many spam txt, emails and calls!!!
BargainsGrabber on 27/09/2022 - 21:27

+1

C’mon ACT!
- Ori0n on 28/09/2022 - 15:20
  
  +1
  
  FYI - ACT information is here: https://www.accesscanberra.act.gov.au/s/article/Information-…
  
  Short answer - you'll get a new license (with a new card number but not a new licence number) if both the licence number and card number have been compromised. Optus will reimburse the $42.60 cost. If only one field is compromised, no new card is required. You can still request a new card (with a new card number but not license number) and pay the $42.60 yourself. Either way - no new license number - it stays with you for life.
AussieBoi90 on 27/09/2022 - 21:36

+1

No Band 28 or NFC - :(
Toph Beifong on 27/09/2022 - 21:38

+2

All I've been receiving from Optus is email after email asking me to pay for my overdue data plan.
- whyisave on 27/09/2022 - 22:58
  
  tell them, they've got the wrong @Toph Beifong
choory on 27/09/2022 - 21:41

Thanks!
It have to visit transport centre.
Kammi on 27/09/2022 - 21:41

What do Vic license holders do?
- Godric on 27/09/2022 - 21:44
  
  Nothing, it's only if you have had any fraudulent activity they will consider renewing your number
- billsa on 27/09/2022 - 21:51
  
  knowing copycat politics and that QLD & SA have both already done it, dan will probably announce the same thing tomorrow as will the rest of the states & territories
- sneakydean on 27/09/2022 - 23:34
  
  Victorians whose personal details were stolen in the Optus hack will be able to replace their driver’s licence online after the state government asked the telco to pay for the new documentation.
  
  The Department of Transport confirmed on Tuesday evening that Victorians affected by the data breach, and who had been contacted by Optus, would be able to replace their licences through the VicRoads website.
zuruhara on 27/09/2022 - 21:43

How about ex customer who ported out a year ago and doesn't get notice? Doesnt optus keep the data for 2 years? Or even 6 years?
- choory on 27/09/2022 - 21:51
  
  I don't use optus last 3~4 years but I received email. I'm not sure but I used optus 5~6 years ago.
- Telios on 27/09/2022 - 22:24
  
  +3
  
  Optus are allowed to keep data for 2 years after you leave.
  
  However due to our shit laws they are not required to dispose of data if they want to keep using it.
- xsacha on 27/09/2022 - 22:53
  
  +1
  
  They said anyone who had an account since 2017. So it's 5 years.
  You will be affected but just haven't received notice yet.
  - Topdog on 28/09/2022 - 01:54
    
    2015 for me, i just got a email
- [Deactivated] on 27/09/2022 - 23:19
  
  They are still sending notices out. They are required to keep all your information and ID for a minimum of 2 years after account closure, but nothing stops them keeping your info longer. There’s no guarantee that every customer’s data was accessed depending on what logs they have not everyone may get a notice or not everyone affected will necessarily have had their ID leaked (beyond name/email/DOB/address which they’re clearly keeping for longer.)
- quikstix on 28/09/2022 - 01:04
  
  I ported into optus for 3 days and then out again due to poor signal at home in early 2021, i contacted them on chat yesterday and they said no nothing exposed. I got an email today saying all but ID was exposed… i aint buying they know what was and wasnt taken
shahrah on 27/09/2022 - 21:44

+2

I have received

It is with great disappointment I’m writing to let you know that Optus has been a victim of a cyberattack that has resulted in the disclosure of some of your personal information.

Importantly, no financial information or passwords have been accessed. The information which has been exposed is your name, date of birth, email, phone number, address associated with your account, and the numbers of the ID documents you provided such as drivers licence number or passport number. No copies of photo IDs have been affected.

It has some more nonsense paragraphs continuing saying all nonsense and at the end an empty apologies and of course no reply email.

Optus is not the victim. We are! 🤬🤬
- darkmattersunB6c0MV on 27/09/2022 - 21:57
  
  +4
  
  Optus is just ticking boxes. As a special case, Oz Government should fine it out of existence.
  Pity that current laws allow them to get away by paying approx $0.18 per person in the data breach.
  They should penalize at the rate of at least $1000 per person, thus a fine of 9 billion AUD.
  As John McLane said "Yippee-ki-yay, motherf#$@€r"
BargainKen on 27/09/2022 - 21:45

+4

They should be doing this automatically, they already know who is impacted, just reissue the numbers (and I dont just mean QLD Drivers licenses) based on those affected and send optus the bill. The onus shouldnt be on us to fix their mistakes.
- [Deactivated] on 27/09/2022 - 23:24
  
  There will be people that have moved house and not updated their address, posting out ID unsolicited is itself a data breach unfortunately, as much as I agree with the sentiment.
  
  If we had digital IDs it would open up the possibility of generating a new number/token for each company you had to give it to, neutralizing the ability of a data breach to get any useful IDs.
  - BargainKen on 28/09/2022 - 10:06
    
    I think reissuance of the IDs is much lesser of the two evils. Something substantial has to be done en-masse to stop millions of people from potentially being defrauded by identity theft.
    - [Deactivated] on 28/09/2022 - 11:06
      
      Sure, that’s what this is about. Randomly mailing out IDs is definitely not the lesser of two evils though, on top of what is likely a much greater risk of identity theft than this hack, people will also unexpectedly be left with invalid ID which could make getting a reissued ID to their actual address near impossible.
Rhabdos on 27/09/2022 - 21:45

Off to TMR tomorrow.
billsa on 27/09/2022 - 21:48

+1

New rule: Telcos shouldn't force their customers to give over their license info
- spaceflight on 27/09/2022 - 23:16
  
  How will they verify your identity?
- [Deactivated] on 27/09/2022 - 23:44
  
  -1
  
  Most don’t want to, but they (and ISPs) are legally required to keep ID #’s for all current customers and past customers for a minimum of 2 years post account closure. See the data retention bill 2015. Though for current customers it was a requirement for Telcos for decades.
  
  Peter Dutton wants to know who to sue when you say mean things about him online.
  
  Assuming we can’t get the government to roll that back, a digital ID system would allow a Unique ID # / token per company you had to give it to.
baldur on 27/09/2022 - 21:57

Lol.
mastermik3y on 27/09/2022 - 21:57

It's a bit worrying that ex customers have also been impacted. What if you've used an older email address that you no longer check or have since deleted because you've moved ISPs. The email would've been sent by Optus but not received by the impacted ex customer. Also what about Optus Sports customers? I know you don't need drivers licence or passport to sign up but still to have your full name, address, contact number and email address potentially leaked is still quite bad.

This was posted 1 year 7 months 15 days ago, and might be an out-dated deal.

[QLD] Free New Qld Drivers Licence for Optus Data Breach Customers @ Qld Transport

Related Stores

closed Comments

Top Deals

New Deals