Password best practices

May 19, 2024

Long ago password best practices became more important than ever. Some key elements are;

• Don’t share passwords
• Don’t use dictionary words
• The longer the password the better
• Use a password manager like Bitwarden
• Use a new password for every site/service

Without a password manager you can use sites like https://neal.fun/password-game/ to make passwords. Enjoy!

Windows 10 end of support

March 20, 2024

Happy Holidays! See you in 2024

December 7, 2023

As 2023 comes to a close, we would like to thank all the business and staff we’ve worked with this year!

This year Supportedge will be taking a break from the 22nd of December through to the 5th of January. During this time we will be on-hand for any business-critical issues, just leave a message by ringing our phone 02 8007 2930.

We would like to wish everyone a very Merry Christmas and a Happy new Year!

Optus data breach, leak and hack. These are all our problems now.

September 29, 2022

IMPORTANT: The information below is specific to our clients. If you are not a Supportedge client, please contact your service provider for specific information to your situation.

IMPORTANT: This information was updated 30th September 2022 and should be considered out of date as of 1st October 2022.

Supportedge has NEVER partnered with Optus to deliver services to our clients. Nothing purchased from Supportedge will be affected by this data breach. But we do understand our clients purchase products and services directly from suppliers and this is where the information below may help.

But Supportedge does partner with telecom providers who do wholesale Optus products. This is not a concern for our clients. Our telecom partners don’t forward on client information to Optus. Our largest partner who resells Optus services is Exetel. Exetel have been proactively switching to Telstra products for over a year now and very few of our clients are still using Optus infrastructure via Exetel.

Supportedge has been monitoring this situation closely and delaying the advice below waiting on more detailed information from the government and Optus. The breach was announced 7 days ago but information is not forthcoming. We have made the following recommendations with this in mind.

Government information is here: https://www.oaic.gov.au/updates/news-and-media/advice-on-optus-data-breach and here https://www.scamwatch.gov.au/types-of-scams/recent-scam-activity/optus-data-breach-scams

Optus information is here: https://www.optus.com.au/support/cyberattack

Here is what we do and don’t know about the breach.

Optus announced a massive data breach on 22nd September 2022. Potentially the biggest breach in Australian history. Optus reports the breach was discovered by unusual network traffic and was stopped at this time. This is consistent with how most breaches are discovered. However, we have not been able to find a public release of the time the breach started. It’s unlikely to have started when Optus announced the attack.

Optus have reported the data breach effects 9.8 million current and past customers from 2017 to now.

Optus have advised, as a precaution to keep alert from scammers contacting you. We should be doing this all the time anyway, but this won’t help in this situation. If what Optus are saying is correct, the attackers already have more than enough information to do damage. They don’t need to contact you or try to scam you.

There are reports the attackers are sorry and have deleted all the stolen data. Unfortunately there is no way to determine if this is true or correct.

Here is what you can do and what you can’t do.

If you have ever received a bill or invoice from Optus (ie with a Optus logo in the corner) you should go to Service NSW and get a new licence with a new licence number. Optus suggest calling 133937 to find out if you are personally involved in the data breach. Because Optus’ advice on this issue is vague, our recommendation is to change your drivers licence number even if your Optus accounts were closed before 2017 or if when calling Optus, they tell you your personal information is safe.

If you have given your passport details to Optus, or if you can’t recall whether you have or haven’t given your passport details you should get a new passport in addition to your new drivers licence.

Both actions above should be completed as soon as possible.

Optus says your account login credentials were not compromised and you don’t need to change your password. This is likely to be correct, but you should change your Optus password as a precaution. As with all passwords make sure it’s unique to only your Optus account.

Services like Equifax will monitor if a loan is trying to be established in your name. You should consider signing up for one of these services. Optus are offering 12 months free service with Equifax but they will contact you directly if you are eligible for this offer.

Consider blocking access to your credit information. Information is here on how to start this process: https://www.idcare.org/fact-sheets/credit-bans-australia

If you’re an Optus customer your birthday was also lost. This is a concern as nothing can be done about this. Your date of birth is extremely valuable private information.

Final thoughts.

Big companies get attacked and breached all the time. Sony, Microsoft, Apple, Uber, just to name a few all have had data breaches. These companies have significantly more resources to protect data than Optus does, and the breaches still have occurred. It is part of the world we are in today. But transparency and information is key, these breaches need to be publicly advised and transparent to customers. This transparency helps customers take actions to protect themselves.