Fallout from the Optus cyber attack continues as a federal minister slams the telco for not being more forthcoming about the full nature of the breach. 

Cabinet minister Tanya Plibersek said while people had been receiving their bills on time, the telco had not told customers whether their personal details have been stolen.

“One of the real problems is the lack of communication by Optus, both with its customers and the government,” she told the Seven Network on Monday.

“I don’t think the company is doing a particularly good job with its customers or providing the government with the information we need to keep people safe.

“It’s extraordinary we don’t have any Medicare numbers or Centrelink numbers that may have been compromised.”

Yet former home affairs minister Karen Andrews said the government’s response to the breach had also been inadequate.

While she did not absolve Optus from its corporate responsibilities, Ms Andrews said the government had “failed quite dismally” in its response. 

“The federal government funds an organisation called IDCARE which is ready, willing and able to assist people who have had their identity stolen and could have provided advice to Optus customers,” she told ABC Radio National. 

She said the breach was a “wake up call” for all of corporate Australia about the importance of data protection. 

Optus was slammed by Albanese government ministers at a press conference on Sunday for not responding to requests for information to help protect almost 10 million Australians from fraud.

Services Australia wrote to Optus on Tuesday asking for the full details of all customers who had their Medicare cards or Centrelink Concession Cards compromised to boost security measures.

The government said Optus was yet to respond to the request.

At least 10,000 parcels of ID data taken in the breach, were put on the internet for sale by the hacker, before they took it down.

Cyber Security Minister Clare O’Neil said Optus needed to be up-front about what specific data had been taken about individuals, with the government not knowing how many passport numbers had been stolen.

Ms O’Neil said the government was particularly concerned for those people whose sensitive data had already been published in the “ether”.

Optus chief executive Kelly Bayer Rosmarin has apologised to customers, but is resisting calls to step down following the disaster.

Ms O’Neil criticised the former Morrison government, describing laws designed to protect Australia’s critical infrastructure from cyber attacks as “absolutely useless”.

“This company (Optus) has just overseen what is without question, the largest consumer data breach in Australian history,” she said.

Opposition cyber security spokesman James Paterson said the coalition would be open to bigger fines for breaches of the Privacy Act.

In a statement, an Optus spokesperson said the company was working with government agencies to determine which customers it needed to take action on.

“We continue to seek further advice on the status of customers whose details have since expired. Once we receive that information, we can notify those customers,” the spokesperson said on Sunday.

“We continue to work constructively with governments and their various authorities to reduce the impact on our customers.”

By Dominic Giannini, Tess Ikonomou and Maeve Bannister in Canberra

Get the latest news, sport, entertainment, lifestyle, competitions and more delivered straight to your inbox with the Canberra Daily Daily Newsletter. Sign up here.