Health Minister Mark Butler has confirmed the government is now examining whether new Medicare cards will need to be issued to protect the customers against identity fraud.

Medicare numbers are widely accepted as proof of ID for those who don’t have a driver’s licence or a passport and could be used to conduct fraud.

“We’re particularly concerned that we weren’t notified of the breach of Medicare data until the last 24 hours,’’ Mr Butler said.

Want to stream your news? Flash lets you stream 25+ news channels in 1 place. New to Flash? Try 1 month free. Offer ends 31 October, 2022 >

“Obviously, the breach of Optus data more broadly was known to us or notified to us last week. And we’re particularly concerned that only in the last 24 hours that we learned about the breach of Medicare data.

“So, we’re working hard to develop strategies for a response to that, as the government has been, for example, for some time in relation to passport numbers, as state governments have been in relation to driver’s licence numbers.

“This is obviously a deeply concerning breach of the data of almost 10 million Australians, and across the resources of government and the federal police, a range of other agencies, we’ve been working non-stop since the original notification of this breach to develop the best possible response for consumers.”

The Albanese Government is already grappling with a rush of Optus customers trying to update their passports after their data was obtained by hackers.

In an interview with the ABC’s Radio National, Mr Butler also confirmed that there wasn’t yet clear information yet on how many Medicare cards were compromised.

“Well, all of this data is obviously of potential value to criminals, and that’s why consumers are rightly so concerned, almost 10 million of them, at the loss of that data from this huge breach of Optus’ data held,’’ Mr Butler said.

“As I say, obviously, it’s deeply unfortunate that we were only notified that Medicare details were included within that data breach in the last 24 hours or so.

“We’ve only been looking at that over the last 24 hours, as I say, because of the lateness of notification of this particular breach. We’re obviously looking at it in relation to passports as well.

“At the state level, state governments are looking at the consequences for driver’s licences and so on. We’ll have more to say about that as soon as we can.”

The federal opposition called on the federal government to waive replacement passport fees and expedite processing times.

“Victims of the Optus cyber hack should not have to wait or pay significant amounts of fees to secure their personal information, and obtain a new passport,” Coalition Senators Simon Birmingham and James Paterson said in a statement.

“While Optus must take responsibility for what may be the largest data breach in Australian history, the Albanese government has a responsibility to help Australians take steps to protect their personal information and security.”

Mr Butler said federal officials were working to develop the best response to this breach of passport data.

“I know state governments are considering a response to the loss of driver’s licence data, and as soon as we’re able to respond to that, we will,’’ he said.

But Covid related delays mean that some motorists may need to wait months to replace drivers licences increasing anxiety for those impacted.

When news.com.au yesterday asked Optus to respond to claims of Medicare details being leaked in the hack, a spokesperson claimed they could not provide further details due to the AFP investigation.

“We are working with the AFP on their investigation of this attack. On their request, we’ve been asked not to discuss further details as it might compromise their ability to find the bad actor,” the spokesperson said.

What to do if you are affected

Optus chief executive Kelly Bayer-Rosmarin apologised for the cyber intrusion in a conference call with reporters on Friday, saying “it should not have happened”.

“I’m disappointed that we couldn’t prevent it,” she said.

Ms Bayer-Rosmarin urged customers to be on the watch for suspicious contacts in the near future, fearing bad actors who access the stolen data could use it to place scam calls.

“What customers can do is just be vigilant,” she said.

“It really is about increased vigilance, and being alert to any activity that seems suspicious or odd, or out of the ordinary.

“If somebody calls you and says they want to connect to your computer, and says to give them your password or let them in, don‘t allow that to occur.”

She said passwords and financial details had not been compromised, however other sensitive information had been pilfered.

“We do hold a reference to the identification information, whether it’s the driver’s licence number or passport number. That’s the field that’s been compromised,” she said.

“I again want to reassure people that they have not got images of any of those documents, nor any bank details or passwords.”

For those who are concerned their data may have been stolen, there are a number of steps you can take to protect yourself.

The Australian Cyber Security Centre has provided advice for those current and former customers who have been impacted.

Australians have been advised to update their devices to protect important information as well as protecting important accounts by using multi-factor authentication.

Customers should also contact their financial institutions immediately and follow their guidance about protecting their accounts.

Those impacted are also advised to contact reputable sources for information such as Moneysmart, ID Care and the Office of the Australian Information Commissioner.

More Coverage

‘Pay us’: Terrifying text to Optus customer

Ally Foster

Optus boss’ bizarre hack claim

Samantha Maiden

Originally published as Government ‘particularly concerned’ over Medicare leak in Optus data breach