From the article
"Those culprits are thought to be either a criminal or state-sponsored organization."
Well, I never would have guessed /S (just incase)
Australian telecommunications company Optus has fallen victim to a significant cyberattack and data breach. Coming clean on Thursday, Optus said the attack exposed information including customers' names, dates of birth, phone numbers, email addresses, and - for some - physical addresses, ID document numbers such as driving …
No, you don’t need photo ID.
Different documentation types have points/value associated with them. You need 100 pts of doco. One of the document types must be from a “primary” list which is a government product, although it could be any state/territory/federal government including a foreign passport (70pts).
But if you don’t want your mug shot associated the following is enough. Birth certificate (no photo, 70pts), electricity bill (20pts), phone bill (20pts).
Many “secondary” doc choices from non govt. orgs are acceptable, eg. banks, etc.
That said, they have pretty much everybody’s visage already so I imagine Face ID or Instagram could be added to streamline and simplify things, perhaps also create a source of income (jk). We, (EDS) were implementing facial recognition for passports (Aust. Customs) to speed entry way back in 2000. From memory getting Vista to work was a far bigger challenge.
I got a notification email from Optus, letting me know the great news that my password and financial information hadn't been leaked.
They went on to assure me that the comprimised details were limited to just my full name, date of birth, email, phone number, residential address, driver license number, and passport number.
This post has been deleted by its author
"Optus said the attack exposed information including customers' names, dates of birth, phone numbers, email addresses, and - for some - physical addresses, ID document numbers"
I fail to see how an ISP needs anything more than whatever identifiers their bank requires to ensure monthly payment, which doesn't include, for example, date of birth, phone number and email address*. It most certainly does not include any kind of ID document number.
-A.
I remember a time not long ago when it was deemed suspicious if a user wanted more than 5 SIMs registered. Wouldn't be surprised if that information is collected under the pretence of combating terrorism or some similar overreach - you're right, shouldn't be necessary for Optus themselves.
And seems is still a thing for activating at least prepaid https://www.acma.gov.au/acmas-rules-id-checks-prepaid-mobiles