Home Affairs has been working with Optus to identify a solution for protecting individuals whose data was exposed during the recent cyberattack.
DVS has established a Credential Protection Register (CPR) where compromised documents can be loaded by document issuers to assist with identifying individuals at risk. Each document issuer will independently determine the timing and number of documents they will add to the CPR.
The register will be checked as part of a DVS verification and if the document is on the register, the transaction will be blocked from verification. This will appear as a no-match response in greenID.
The Australian Passport Office have already uploaded compromised passport numbers to the CPR. If these document numbers are used to validate and identity, greenID will return a no-match response.
GBG will endeavor to update this page as Home Affairs notified us when further documents are uploaded.