Operation Guardian delivers specialised protection for Optus customers

This is a joint media release with the Australian Federal Police, all State and Territory Police, Australian Cyber Security Centre, Australian Banking Association, IDCARE and Customer Owned Banking Association.

Editors note: AFP Operation Guardian - Press Conference vision and audio is available via this Hightail link

The AFP and state and territory police have set up Operation Guardian to supercharge the protection of more than 10,000 customers whose identification credentials have been unlawfully released online under the Optus data breach.

Customers affected by the breach will receive multi-jurisdictional and multi-layered protection from identity crime and financial fraud. The 10,000 individuals, who potentially had 100 points of identification released online, will be prioritised.

Under the AFP-led JPC3, which is a joint partnership between law enforcement, the private sector and industry to combat the growing threat of cybercrime, Operation Guardian will focus on key measures to help shield affected customers, including:

  • Identifying the 10,000 individuals across Australia now at risk of identity fraud and alerting industry to enable further protection for those members of the public,
  • Monitoring online forums, the internet and the dark web for other criminals trying to exploit the personal information released online,
  • Engaging with the financial service industry to detect criminal activity associated with the data breach,
  • Analysing trends from ReportCyber to determine whether there are links between individuals who have been exploited, and
  • To identify and disrupt cyber criminals.

The JPC3 will use collective legislative powers, experience, investigative and intelligence capabilities of all Australian policing jurisdictions.

It will also complement other agencies, including the work by the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC).

AFP Assistant Commissioner Cyber Command Justine Gough said while a post on an online forum advertising the stolen data for sale had been removed, other criminals may have access to some, or all, of the data.

“Australian law enforcement agencies are working together and with industry partners to actively monitor any subsequent misuse of the data,’’ Assistant Commissioner Gough said.

“Australian law enforcement are aware of current criminal activity attempting to target and exploit impacted Optus customers that have been the subject of this data breach.

“Operation Guardian should send a clear warning to cybercriminals. The AFP, state and territory police plus other agencies through the JPC3 have a laser-like focus, plus a significant number of resources and legislative powers, to identify cybercrime targets.”

Assistant Commissioner Gough said Optus was cooperating fully with the AFP investigation and Optus’s early engagement and disclosure was helping the investigation.

Victoria Police Crime Command Cybercrime Division Detective Superintendent Jane Welsh said successfully responding to and preventing these crimes would only happen if law enforcement and our partners worked together.

“Victoria Police will continue to work collaboratively, offering our skill and expertise wherever possible,’’ Det-Supt Welsh said.

NSW Police State Command Cybercrime Detective Superintendent Matt Craft said NSW Police is helping to ensure we help protect those NSW Optus customers vulnerable to the breach and encourages all NSW residents to be extra vigilant about their online security.

Queensland Police Service Financial Crime and Cybercrime Group Detective Acting Superintendent Mike Newman said this is a timely reminder to individuals looking to profit from the release of this data that the QPS Cybercrime Squad will actively work together with other squads from around Australia to locate and prosecute cybercrime offenders.

Western Australia Police Force Financial Crimes Division Detective Superintendent Robert Anderson said, WA Police Force Cybercrime Investigation and Financial Crimes squad will work hand-in-hand with other police jurisdictions around Australia to locate and prosecute cybercrime offenders and assist those who have suffered as a result of this crime.

South Australia Police Financial and Cybercrime Investigation Branch Detective Chief Inspector Darren Fielke said South Australian victims affected by the data breach were advised to change their driver’s licence number by attending a Service SA Centre. The $20 fee for the new licence will be waived.

“Scammers are now sending phishing emails and text messages to victims requesting money to be sent to prevent their credentials been used fraudulently. Do not respond to any of these requests for money or requests for the purchase of gift cards,’’ Det Chief Inspector Fielke said.

Tasmania Police Crime and Intelligence Command Detective Sergeant Paul Turner said Tasmania Police Cyber Crime unit are working closely with the Australian Federal Police and other law enforcement agencies around the country to assist in the location of those persons responsible and ensure that local Tasmanians are protected from further harm.

The Australian Banking Association and Customer Owned Banking Association have jointly advised that:

  • Australian banks are working with the government and across the community to contribute to strengthening Australia’s cyber security resilience.
  • Banks’ focus is on protecting customers and have built strong cyber protection systems to keep their customers safe.
  • During periods of heightened risk banks increase their monitoring activities and existing safeguards are bolstered.

Members of the public, especially Optus customers, are asked to be extra cautious about unsolicited contact about the data breach.

There are reports that sophisticated scammers are contacting Optus customers via phone, email and text to get further personal information from the victims of the breach.

The public are encouraged to:

  • Look out for any suspicious or unexpected activity across your online accounts, including your telco, bank and utilities accounts. Make sure to report any suspicious activity in your bank account immediately to your financial institution;
  • Do not click on any links in any email or SMS claiming to be from Optus;
  • If someone calls claiming to be from Optus, police, bank or another organisation and offers to help you with the data breach, consider hanging up and contacting the organisation on its official contact details. This can be a scammer calling using your personal information.
  • Never click on any links that look suspicious and never provide your passwords, your bank’s one time pins, or any personal or financial information, and.
  • If people call posing as a credible organisation and request access to your computer, always say no.

David Lacey, IDCARE, a not-for-profit charity providing cyber support services said it was providing support to individuals who believed they may be experiencing identity misuse as a result of the Optus breach. 

“If you believe you have experienced identity misuse, you can book a time in with an IDCARE Case Manager via their Get Help for Individuals online form at IDCARE.org,’’ Mr Lacey said.

He said that since the breach, IDCARE has responded to more than 10,000 requests for information from the public.

If you believe you are a victim of Cybercrime, report it to ReportCyber at cyber.gov.au

Media enquiries:
AFP Media: (02) 5126 9297

Connect with us: Follow our Facebook, Twitter, LinkedIn, Instagram and YouTube pages to learn more about what the AFP does to keep Australia safe.

If it doesn't add up, speak up. Call the National Security Hotline - 1800 123 400.

Read the AFP Annual Report 2020-21

Australian Centre to Counter Child Exploitation - visit website

Policing and community news from the AFP