Australians affected by the Optus cyber attack will be able to change their driver's licence numbers and get new cards for free, but the fight is still on for the government to issue new passports without hacking victims having to foot the bill.
Calls for passport fees to be waived have been growing, with Shadow Foreign Affairs minister Simon Birmingham and Shadow Cyber Security Minister James Paterson saying the government needs to do more to assist victims of the breach.
The Australian Passport Office on their website insists that despite the data breach impacting Optus customers, the Department of Foreign Affairs and Trade (DFAT) system remains uncompromised, but Australians who feel "unsure" are able to renew their passports at any time though they still have to pay the renewal fee as DFAT "weren’t responsible for the data breach".
"Well, of course the federal government wasn't responsible for the data breach. That is Optus' responsibility, but it's up to the federal government, like the state governments have done, to organise for Optus to have to pay to arrange those passports provided free," Paterson said in an interview with 3AW on Wednesday.
"Right now, they're saying if you go, if you've lost your passport number in this hack, as an Australian, as a victim of the Optus attack, you're going to have to pay and that's just not good enough," he added.
'Just not good enough'
Paterson also said he had approached Foreign Minister Penny Wong about the issue and was told that the government was still "looking into this".
"This is just not good enough. These people have been victims already. They shouldn't have to pay nearly $200 to cancel and get a new passport, and they shouldn't have to wait months to get it either," Patterson said.
"Now, I'd be very happy for the federal government to send the bill to Optus too. I think Optus should pay," he added. "But the federal government needs to get organised in the same way that the Victorian government has, the New South Wales government has, the Queensland government has. Why hasn't the federal government done the same?"
Paterson and Birmingham had issued a joint statement on Tuesday urging the Albanese government waive fees and expedite the processing of new passports to Optus customers impacted by the cyber attack.
"Victims of the Optus cyber hack should not have to wait or pay significant amounts of fees to secure their personal information, and obtain a new passport," the shadow ministers said in the statement.
"While Optus must take responsibility for what may be the largest data breach in Australian history, the Albanese Government has a responsibility to help Australians take steps to protect their personal information and security," they stated further.
Optus to foot bill for driver's licences
New South Wales, Victoria, Queensland and South Australia have so far announced that victims of the Optus data breach will have replacement fees for their driver's licences waived at Optus's expense, while the ACT government is still working on the issue.
Western Australia is expected to follow the other states in its approach and is set to make an announcement sometime Wednesday.
It is still unclear what measures Tasmania and the Northern Territory will be taking, but the cost to Optus is expected to run to tens of millions of dollars.
Meanwhile, Health Minister Mark Butler has said he is looking into providing new Medicare numbers to those Aussies whose details were exposed in the Optus data breach.
Optus last week revealed that personal data of nearly 10 million customers had been compromised in one of the country's biggest digital hacks.
Cyber security experts believe that the hackers, who may have been behind an online account called "Optusdata", had threatened to publish the data of 10,000 Optus customers unless they received $1.5 million (US$1 million) in cryptocurrency.
However, the account holders posted an apology for leaking data of 10,200 Australians on Tuesday, and claim to have deleted it because it could be seen by "too many eyes" and withdrew the ransom demand.
It is still unclear whether the Optusdata account holders were behind the breach, but cyber security experts raise the point that the compromised data is still out there despite claims of it being deleted.
Do you have a story tip? Email: firstname.lastname@example.org.