Eli5 what is the danger of people having expired license information hacked in Australia?


Asking because of the recent latitude hack, if the license is expired and now we have the new license card number, what is the big deal about old expired licenses getting used? What can they do with it if we need a license card number now?

In: 2

Identity Theft

Here’s the basics:

If someone has your name, address and birthday. They can use that to get a Birth Certificate (since most people live in the same city they were born in). This is why you don’t use your real birth year online.

If they have a Birth certificate, they can get a couple of utility bills in your name then use all that to get a Licence.

If you have Licence, they can open bank accounts in your name. Then they can get credit cards in your name and build up credit debt which you will be responsible for. You could end up owning a fortune just because you let them access some of your most private information.

Don’t put real information online, especially not your real birthday!

No. They can get a drivers licence in your name. Doesn’t have to have your drivers licence number. Only YOUR bank kniws that. Any other bank will happily accept their stolen licence as legit. So yes. You do have to be concerned and protect your private info. Because proving yoyr identity has been stolen is extremely difficult and getting out of the debt these people put you under is also extremely difficult. Scammers are after this as well as yoyr money.

In most states, the licence number doesn’t change when a licence is renewed. Some states have only recently introduced a second number unique for the card that *does* change upon renewal, I don’t know if every state has that yet. But there are still companies and services that only ask for licence number and not the card number.

Also the licence contains your photo, address and date of birth, which alone can be enough information for identify theft. **Any** personal information a malicious actor can get their hands on is useful, if not by itself then in aggregate with other pieces of information.

Think of it like a puzzle: your name, address, DOB and photo are 4 pieces, the fact you have accounts with Latitude is another piece, maybe they get your phone number from the Optus hack, your medical details from the Medibank hack, then they use these details to trick another company into giving more information. From there it doesn’t take much to start taking advantage of the info for financial gain.