Updated 14 October 2022, first published 26 September 2022

Individuals who are concerned that their personal information may have been disclosed due to the Optus data breach are advised in the first instance to check the Optus website for information and contact Optus via the My Optus App or call 133 937.

There are a number of resources that provide information on how individuals can take steps to mitigate the risk from data breaches. Information about responding to a data breach notification is available on our website. Optus has engaged IDCARE, the national identify and cyber support service, to support affected customers. Useful advice can also be found on the Scamwatch website.

Australian Government agencies have developed a fact sheet about the Optus data breach.

If you consider you have been affected by this data breach and wish to make a privacy complaint, you need to complain to Optus first. For information about complaining to Optus, see Optus’ Complaint Handling Policy.

If you are unable to resolve your complaint with Optus, you may wish to lodge a complaint with the Telecommunications Industry Ombudsman (TIO). The OAIC recognises the TIO as an external dispute resolution scheme that handles privacy-related complaints under the Privacy Act 1988. If you are unsatisfied with the outcome of the TIO process, you can lodge a privacy complaint with the OAIC.

Advice for organisations

Information on how to respond to a data breach can be found in the OAIC’s data breach preparation and response guide.

Recent guidance has also been published on the privacy considerations for financial services entities receiving data from a carrier or carriage service provider under the Telecommunications Regulations.