Optus has confirmed that the valid Medicare ID numbers of 14,900 Australians have been exposed to hackers.
The telecommunications giant says it will contact all of the customers who have had their Medicare data breached within 24 hours.
On top of the nearly 15,000 valid Medicare numbers which were exposed, Optus has advised customers that a further 22,000 expired IDs have been accessed.
These customers will also be contacted directly by Optus in the “next couple of days”, something the company says is “out of an abundance of caution”.
“Please be assured that people cannot access your Medicare details with just your Medicare number,” Optus said in a statement on Wednesday night.
“If you are concerned or have been affected, you can replace your Medicare card as advised by Services Australia.”
The federal government is “furious” that Optus took five days to notify it about the breach of Medicare data after the cyberattack was revealed on September 22.
“We were not notified that among passport details, drivers licence details and others that Medicare details had also been the subject of this breach,” Health Minister Mark Butler told ABC Radio.
“So we’re very concerned obviously about the loss of this data, and we’re working very hard to deal with the consequences of that.
“We’re looking at (getting people new Medicare numbers). We’ll have more to say about that as soon as we can, but we’re looking at that very closely,” he said.
The 36,900 people who had their Medicare data stolen by the hackers are among the nearly 9.8 million Australians who had personal information like names, addresses, passports and drivers licences accessed in the breach.