After working in IT for decades and as a cautious person by nature, Neville Bleakley never once imagined he would be caught out by an online scam.
Now the retired Canberra-based defence force officer said he sympathised completely with the plight of those millions of Optus customers whose private details have been hacked because the clever ruse which grabbed his personal data cost him days of preventative action to set straight.
Optus has launched an independent, external review of the circumstances surrounding the mass cyber theft of its customer data - the biggest to affect Australian consumers - after acting prime minister Richard Marles described the attack as a "massive wake-up call for corporate Australia".
"Optus is certainly not doing enough to help these people who entrusted an organisation to protect their data, and then let them down so badly," Mr Bleakley said.
"It's deplorable; I've been down that path [in losing personal data] and it takes days to put safeguards back in place and even then, the nagging doubts are still there.
"My fault was that I had downloaded some printer software hurriedly from a site which looked completely legitimate but wasn't.
"It was passwords and access to online banking and super accounts which were my immediate vulnerability; I hadn't had my driver's licence and other points of identification like Medicare or passport numbers stolen like so many of these people so I can only imagine how anxious they would be."
He said that he only became aware he could be a victim after reading finance expert Noel Whittaker's column in The Canberra Times highlighting the scam, and he acted promptly.
Even now, he still checks his banking transaction records online on a daily basis, scanning for unexplained withdrawals.
"If I can offer any advice from my experience to people who believe they have been victims and lost their details: check your financial transactions often," he said.
"Because if the scam is identity theft, or creating accounts and businesses using stolen identity points, it's always about the money. And it will be those odd and unexplainable withdrawals which are most likely to be the first indication."
Complaints to the Australian Financial Complaints Authority about unauthorised banking and financial transactions over the past financial year rose by 45 per cent.
A former Canberra customer of Optus, Steven Saunders said he had switched to another telco provider more than two years ago but was appalled to discover that Singtel-owned company still retained all his personal details and records.
He said he received an "urgent update" correspondence from Optus chief executive Kelly Bayer Rosmarin, inviting him to "exercise heightened awareness" around his accounts.
"But in no way did she apologise for hoarding my data two years after I had moved to another telco provider," he said.
"Neither does she in any way offer to delete it now. It's a shameful way to conduct business."
Through Operation Guardian, the Australian Federal Police, the FBI, and the various state and territory cyber squads were prioritising the 10,000 Optus customers who potentially had 100 points of identification released online.
While it has the capabilities to monitor online forums, internet and dark web locations where criminals seek to exploit personal information released online, tracking these hackers from multiple internet protocol addresses used to disguise location is a major issue for law enforcement.
The Australian Banking Association and Customer Owned Banking Association say they are increasing monitoring activities and existing safeguards.
We've made it a whole lot easier for you to have your say. Our new comment platform requires only one log-in to access articles and to join the discussion on The Canberra Times website. Find out how to register so you can enjoy civil, friendly and engaging discussions. See our moderation policy here.
