You might’ve read about it in the news or received an email from Optus yourself; either way, you’re likely aware of the significant data hack impacting customers of the major telecommunications company Optus recently.
It’s one of the largest data breaches in Australian history, and the telco has confirmed that up to 9.8 million customers may be affected.
Though the financial information and passwords of its customers were not accessed by hackers, the breach did compromise names, dates of birth, email addresses, phone numbers and some ID documents including drivers licence numbers and passport numbers; the details of which have reportedly been released on the dark web.
We care about the cybersafety and security of our members, and as such have put together 10 top tips for keeping your data safe online.
Strengthen your passwords
You may have heard it time and time again, but it’s never been more crucial to ensure you have strong passwords to your accounts. Strong passwords should be long, contain uppercase and lowercase letters, numbers, and special characters. They should also be different for each main account, but especially for banking and email accounts.
Get a password manager
If you’re someone who frequently forgets your password, creating several difficult passwords might pose a challenge.
This is where a password manager comes in. Password managers create strong passwords for you and store them securely. It also means you never have to struggle to remember a forgotten password again.
Enable two-factor authentication
Where you can, enable two-factor authentication on your accounts (particularly for your banking details). Two-factor identification should be set up for any account related to money, like your bank accounts, Centrelink, and superannuation. It’s best to be safe and set up two-factor for social media accounts too.
Two-factor authentication usually involves a unique code being sent to your mobile or email. Additional security questions (that are difficult for anyone else to answer) are also helpful as an extra step in protecting your accounts.
You can find a comprehensive guide to setting up two-factor authentication here.
Switch off your computer overnight or during long periods where you’re not working. If you’re always ‘on’, your computer becomes a more visible and available target for hackers. Shutting down breaks the connection a hacker may have established with your network (for that period).
Turn off Bluetooth
When you’re not using Bluetooth, turn it off. Keeping your Bluetooth on but dormant opens another back door for computer hackers.
Given that customers’ phone numbers have been breached, Optus has advised that it will not send out any emails or texts with links to click on.
If you receive a suspicious phone call, hang up and ring Optus on their number – not the number that called. If you receive an email and you’re not sure if it’s legitimate or not, contact Optus directly. If you receive an email from Optus, do not click on any link it may have, even if it looks legitimate.
SMS, or short messaging service, is more than three decades old. It’s generally reliable, but it’s outdated.
SMS messages aren’t encrypted, meaning the contents of each text message are viewable to mobile carriers and governments and can be intercepted by hackers.
Using encrypted services means that what you’re sending is better protected against surveillance and won’t be accessible if your device gets lost or stolen.
There are two main end-to-end encrypted messaging services, Signal and WhatsApp. Messages (including photos and videos) plus voice calls and video calls are encrypted by default within both apps.
Don’t use unsecured public Wi-Fi.
Password-free, widely used Wi-Fi networks have no security features. As such, they’re prime targets for computer hackers. If you can, use data.
Have your accounts monitored
There are professional services which can monitor for any suspicious activity in your accounts, or with your emails and personal documents. Norton Identity Advisor and Equifax Identity Protect are recommended by experts in Australia.
Consider trying the free online service HaveIBeenPwned, which checks if your email or phone number has been breached.
Keep your OS, apps and browser up-to-date
Always install new updates to your operating systems. Most updates include security fixes that prevent hackers from accessing and exploiting your data (the same goes for apps).
Additional tip: try the Credit Savvy app
Step 1: Download the Credit Savvy app (either in the Apple or Google app stores).
Step 2: Verify your details (Driver’s licence and Medicare card).
Step 3: Press “protect” from the bottom navigation.
Step 4: Press “Request a ban”. Credit Savvy will then let the other credit agencies know you’ve got a ban on your file within 2 business days.
Step 5: On the 16th day the Credit Savvy app will remind you that your pause is ending. When you get that alert – and this is important – click “ban my credit report for 12-months”.
And that’s it!
From then on if anyone tries to access your credit file, the Credit Savvy app will alert you.