Hacker News new | ask | show | jobs
by ecdavis 1352 days ago
> Companies should only collect data that they really need.

Collecting and keeping this data is a regulatory requirement for Optus.

The problems with this breach have their roots in how identity is proven and verified in Australia. Far too much relies on possession of a physical document.
1 comments
collegeburner 1352 days ago
in America i usually prove identity for postpaid services with something like a utility bill which is at least not a government id document. i understand a telco wants some identity before extending credit for any postpaid plan but can y'all not do the same?
link
ecdavis 1352 days ago
You can see Optus' ID requirements here: https://www.optus.com.au/for-you/support/answer?id=9438

Here are the ID requirements for their major competitor, Telstra: https://www.telstra.com.au/support/account-payment/id-check-...

These are legislated: https://www.legislation.gov.au/Details/F2022L00548

link