QBANK has recently been made aware of a cyber-attack on Optus. This has resulted in the potential disclosure of personal and sensitive information of some current or former Optus customers. Your personal information may have been affected by this incident, so it is important that you take the time to read this notification.
What information has been exposed?
Optus has confirmed that the type of information which may have been exposed is:
- Customer names
- Dates of birth
- Phone numbers
- Email addresses
- ID documents such as drivers’ licence or passport numbers
What is QBANK doing to protect your accounts?
QBANK’s existing processes to identify members require you to provide your security password and additional identifying information. Without this information, no changes to your personal details can be completed and no activity can be transacted on your account over the phone. In-branch changes and transactions require the same identification processes being met or the provision of photo identification.
QBANK’s fraud monitoring team will continue to develop their ruleset to monitor transactions and mitigate any potential emerging fraud. We may contact you to confirm transactions are legitimate prior to taking any action.
What can you do to protect your accounts?
At this stage there is no evidence of misuse of any of the information obtained through the data breach. It is possible that the information obtained could be used to attempt to take over your account or to create fraudulent accounts with other financial institutions.
We recommend that you carefully monitor your account, particularly to confirm that your contact details have not been amended without your authorisation and to confirm that no fraudulent transactions have occurred on your account. If you notice any unusual or unexplained activity on your account please call us on 13 77 28 or email us via firstname.lastname@example.org.
To assist you to protect and monitor your accounts, if you have not already done so, we strongly recommend you register for SMS One Time Passwords (SMS OTP). This facility is a two-factor authentication for new payments from your account using a verification code sent by SMS to your registered mobile. In addition, you can establish SMS or Email Alerts (Alerts) to notify you of transactions. These alerts can be customised based on account, transaction type, transaction amount, etc.
Both SMS OTP and Alerts can be created by contacting QBANK or via Internet Banking and selecting “Settings”.
Be aware of scams
QBANK will regularly share information on our social media platforms and website regarding scams and fraud awareness for our members. For additional information on scams and what to look out for please refer to the ACCC’s Scamwatch website. Below are some of the scams to be aware of.
Remote access scams are where scammers deceive you into providing access to your personal device such as a computer or mobile. They may do this by saying there are problems with your connection or internet that need to be fixed. They may request you buy software or download software to your device which they then use to gain access.
Phishing attempts are where scammers trick you into providing personal information such as bank account details, card numbers and/or passwords. They may do this by posing as a legitimate company and sending an email with a link included.
You should also be aware that SMS phishing (Smishing) attempts using the compromised data could occur. For example, you could receive a personalised message from fraudsters which looks like a legitimate message from QBANK, another bank or another company in an attempt to acquire your login credentials and password.
At all times, be cautious of any email or SMS activity and never click on a link in a message from an unknown or unverified source even if it looks legitimate.
Who do I contact for more information?
We take privacy and the security of our customer's information very seriously. If you have any concerns or questions, please contact us on 13 77 28 for further information.