Medibank Private, ahm and other recent data breaches – advice for foreign passport holders

Medibank Private and ahm have advised the Australian Passport Office (APO) that no Australian Travel Document information was compromised in this breach.

Foreign passports for international students were compromised through this cyberattack. Medibank Private and ahm are contacting impacted customers directly.

If Medibank Private or ahm have advised you that your foreign passport information was compromised, you should contact the government that issued the passport for advice on what to do. This is also the case for all data breaches that impact foreign passport holders, including the recent breaches at Optus and Medlab.

More information:

Medibank and ahm impacted customers:

Optus impacted customers:

  • If you’re in Australia, contact Optus customer service directly on 133 937, or internationally on +612 8082 5678.
  • Go to the Optus Passport Information webpage.
  • Go to our Frequently Asked Questions on the Optus data breach and passport information
  • See the Australian Cyber Security Centre's Optus data breach alert.

Medlab impacted customers:

Contact Medlab customer service directly on +61 1800 433 980, or go to their data breach web page.

Article Date:
22 November 2022

How we contact you

Recent data breaches are a timely reminder to protect yourself from misuse of your personal data and scams. 

So, when someone calls you saying they’re from the Australian Passport Office (APO), how do you know it’s us? 

APO staff will only contact you to help us process a passport application for you or your child. 

What to expect when we call 

When we call you, we’ll call from a landline. The officer will provide their first name, and where they’re from. 

They’ll ask you for some information to confirm they’re talking to the right person.  

If you’re not sure if it’s really us, you can call us back on 131 232 to check. 

If it was us, the officer will confirm the call is legitimate and help you with your application. 

Other ways we may contact you 

We also send important information via emails, text messages and letters. Our messages may include: 

  • requests and reminders to attend appointments 
  • notification of a Registered Post tracking number to let you know your passport is on its way 
  • passport renewal reminders. 

How to protect against scams  

Scams can look genuine, and it can be difficult to tell when something is fake. If you’re concerned, the IDCARE website has advice and support.  

If you’ve received a scam message or phone call, report it to Scam Watch.  

Read more about scams and identity on our website. 

Article Date:
18 November 2022

Medlab Pathology data breach

Medlab Pathology has experienced a cyberattack which has compromised the data of around 220,000 of its customers.

The breach involves sensitive personal information, including credit card details, pathology test results, and Medicare card numbers.  Medlab is notifying impacted customers directly.

A small number of passports were also caught up in this breach.

If Medlab has notified you that your passport details were compromised through this incident, a decision on whether you should replace your passport is a personal choice.

However, your passport remains safe to use for international travel.  A passport number cannot be used by someone else to obtain a new passport.  Robust controls are also used to protect passports from identity takeover, including facial-recognition technology.

More information on this data breach, including steps being taken to protect the personal data of affected customers, can be found on Medlab’s website.

Article Date:
28 October 2022

Further information

Content right

Australia has a new passport

Forms and publications

Other travel documents