Both companies are subsidiaries of the telecommunications giant — with Virgin Mobile being shut down in 2018.

Some 9.8 million Australians have had their personal information potentially exposed after the company suffered a major security blunder last week.

The breach was initially assumed to only have affected Optus customers, but a new document revealed by the Guardian on Thursday suggests countless more have been subject to the data snatch.

Financial Services Minister Stephen Jones criticised Optus on Thursday for letting hackers slip through the net, warning “there will be a long tail of impact of this data breach”.

“We know that fraudsters [and] scammers are already on to it, whether they’ve got the Optus data or not, they’re attempting to impersonate Optus,” he said.

“They’re attempting to … impersonate licence providers, they’re attempting to impersonate government and government agencies.”

Want to stream your news? Flash lets you stream 25+ news channels in 1 place. New to Flash? Try 1 month free. Offer ends 31 October, 2022 >

It came after Optus confirmed that the valid Medicare ID numbers of 14,900 Australians have been exposed to hackers.

The telecommunications giant says it will contact all of the customers who have had their Medicare data breached within 24 hours.

On top of the nearly 15,000 valid Medicare numbers which were exposed, Optus has advised customers that a further 22,000 expired IDs have been accessed.

These customers will also be contacted directly by Optus in the “next couple of days”, something the company says is “out of an abundance of caution”.

“Please be assured that people cannot access your Medicare details with just your Medicare number,” Optus said in a statement on Wednesday night.

“If you are concerned or have been affected, you can replace your Medicare card as advised by Services Australia.”

The federal government is “furious” that Optus took five days to notify it about the breach of Medicare data after the cyberattack was revealed on September 22.

“We were not notified that among passport details, drivers licence details and others that Medicare details had also been the subject of this breach,” Health Minister Mark Butler told ABC Radio.

“So we’re very concerned obviously about the loss of this data, and we’re working very hard to deal with the consequences of that.

“We’re looking at (getting people new Medicare numbers). We’ll have more to say about that as soon as we can, but we’re looking at that very closely,” he said.

The 36,900 people who had their Medicare data stolen by the hackers are among the nearly 9.8 million Australians who had personal information like names, addresses, passports and drivers licences accessed in the breach.

Optus says it has now sent emails or SMS messages to all customers whose ID document numbers, such as licence or passport number, have been compromised as a result of the cyber attack.

Optus has been contacted for comment.