The attorney-general also expressed concern Optus did not report the exposure of Medicare numbers in the breach.
They said the Department of Foreign Affairs was advising on its website that “if you choose to replace your passport you’ll have to pay” as the department was not responsible for the data breach.
‘Very sorry’: Account claiming to be hacker says it has dropped Optus ransom
The illegally obtained information includes passport and driver’s licence numbers, dates of birth and home addresses, according to cyber security researcher and writer Jeremy Kirk from ISMG Corp.
The batch released on Tuesday was still online as of 1.30pm Sydney time.
An ongoing privacy review will be completed this year.
“But it has been a wake-up call for corporate Australia, and I know now that cyber security is right there in the top echelon of issues which face corporate Australia as it does government of course, and we need to be doing everything we can to make sure that protection is in place.”
Federal Home Affairs Minister Clare O’Neil has criticised Optus following the data breach. Source: AAP
In a statement on Tuesday morning, Home Affairs Minister Clare O’Neil said she was incredibly concerned at the reports of personal information, including Medicare numbers, being shared either for free or for ransom.
Ms O’Neil said the full weight of cyber security capabilities across the government is working to respond to the breach.
How could the cyber attack have been prevented?
“We’re doing everything we can to apprehend the hackers but there is no doubt the defences of the company were, as I’ve been informed, inadequate.”
Ms O’Neil told the ABC on Monday that the attack was not “sophisticated”.
Australian Federal Police to investigate the breach
The task force will work with the Australian Signals Directorate, overseas police, as well as Optus.
Opposition cyber security spokesman James Paterson told Sky News the government bore some responsibility and criticised its response to the hack as “slow”.