Posting here so I can get responses in writing, and to flag this with anyone else who may have the same issue in future.
My sister attempted to log in to her account today and found her email address had been changed to an 'yopmail' address (a temporary email), her password had been changed and she could not see her details on the optus app. We all assumed she had been hacked. When she went in to Optus this morning, they could confirm that the email had been changed: however when she pushed for more information they suggested that it 'did not look like her account had been hacked' and 'could not confirm' when the account changes had occurred, or why. They would not give her any further information, and only changed her email address back and reset her password. She received the same response when she called Optus customer support. She was not offered any further security measures to prevent this happening again.
I was wondering if this is a common occurrence now? She had been hacked previously (connected to an unsafe network, which could not be the case this time), and that time she was offered a new sim, changed her number and staff could give her details about how/ when the account was changed. Is this some kind of policy shift? I was also wondering if anyone has been through the same thing, and if they have any potential explanation to what has happened to her account?
Any help/ advice appreciated,
Solved! Solved: Go to Solution.
Thanks for raising this issue with us. It's certainly not the type of experience we want your sister to have with us and we'd love to make things right.
Your sister can set-up PIN Only Access on the account as an extra security measure. This means, anytime that there is an enquiry on the account, a PIN must be provided. She'll need to contact us to set that up.
We'd also be more than happy to investigate this for her to see what has happened.
Please note that we’re unable to look into account details on Yes Crowd.
Does your sister know the exact yopmail email address that was used?
If so she might be able to check which emails have been sent to that address within the last 8 days, ,assuming the hacker hasn't deleted them that is, see maybe get a feel for what they were trying to do.
yopmail email accounts aren't password protected so she can just go to yopmail.com , enter the yopmail email address in the provided field, and click "Check Inbox". If she finds any emails that are for her account (or about her) she should take copies of them (i.e. copy them to a text file) for her records and then delete the one in the yopmail in box. She should then contact yopmail to report the email address, and also keep checking the yopmail inbox regularly until the email account gets disabled.
Thank you so much for all this advice! She is currently changing her sim/ without internet, but I will follow through with this (optus did give her the email and I know the amount of characters, but they did not spell it - so I'll try a few alternatives to make sure). Appreciate the help!
Thanks for your fast response! I'm glad that this wasn't standard practice. I've passed this information on to my sister, and she should DM/inbox optus soon to get more information about what happened.