Protecting Your Personal Information

At iiNet, we're continuing to make significant investments to protect our customers and their personal information.

The challenging reality is that all Australian companies face cyberthreats on a daily basis. iiNet takes cybersecurity and the protection of our customer’s personal information seriously. In light of recent events, we have been working closely with our cyber security partners and relevant government agencies to increase checks and monitoring of our systems.

For more information on iiNet’s data security policies and practices, view our relevant support articles:

Select one of the links below to jump to a query:

Protecting yourself and your personal information

iiNet is continuing to take important measures to protect your information, but there are also tactics you can use to protect yourself and reduce your risk of becoming a victim by understanding how to spot a suspicious email, call or SMS.

Tips to help keep your information secure

  • Do not provide your password, or one-time passcodes to someone who called you.
  • Don’t hesitate to question the legitimacy of a caller. If you ever receive a call claiming to be iiNet and you are unsure of the legitimacy, hang up and call us on 13 22 58.
  • Double check the sender of an email before responding or clicking on any links.
  • Please ensure all of the details in an order confirmation SMS are correct before responding. Decline even if there is a slight discrepancy.
  • When chatting to us on social media, always look out for the blue tick.
  • While on our website, you may receive a pop up asking you to chat with us, please ensure you are always using the official iiNet website.

What is Phishing?

Phishing is a method used by criminals to obtain your sensitive information such as your mobile number, date of birth, passwords, and security codes.

Different methods include:

  • SMS and emails posing as having come from legitimate companies asking you to click on links & fill out your security, personal or payment details.
  • Scammers may call you posing as your telecommunications provider offering a free phone or a sizeable discount on a device. They will phish for your personal details such as your PIN, your password, or your one-time passcodes. This enables the scammers to impersonate you or gain access to your online accounts to phish for additional private information or to process orders on your behalf. If successful, the scammer may call you again posing as iiNet requesting your credit card details to provide a refund or compensation for the fraud.
  • Online browser pop up scams that entice customers with the possibility of winning a prize.
  • Calls pretending to be from various reputable organisations like a government agency, bank, or energy company, that either threaten action against you or offer heavily discounted or free products to scare or entice customers into voluntarily disclosing their security, personal or payment details.

How to tell whether a call you’ve received is legitimate

  • When we call you, we will not ask for a one-time passcode sent to your mobile or email, to verify you.
  • We will never call you and ask for your credit card details for refunds, reimbursements, or compensation.
  • Any refunds or reimbursements will only be provisioned through your original method of payment.
  • We will never call you from a private number.
  • If you order a device over the phone or online, we will send you a confirmation SMS with the details of your order including your preferred delivery address.
  • We will never proactively reach out to you on social media, we will only ever respond to you, if you contact us.


Frequently asked questions

What is iiNet doing to ensure the safety of my personal information and data?

We take cybersecurity extremely seriously at iiNet and continue to make significant investments to help protect our customers and their personal information. Our Cyber Defence and Response Centre provides around-the-clock event monitoring, threat protection and intelligence, to help protect customer’s data and our services against online security threats.

iiNet has processes and procedures in place to manage the security of its customer data and help protect it from unauthorised use, access, modification or disclosure. These include a range of physical and electronic security measures. We also use multi-factor authentication for complex and more involved customer service transactions which you can read about in our support article.

What information of mine do you have in your system?

There are requirements under the Privacy Act, and other legislation, about what information we are required to keep. You can see more information regarding our Privacy Statement on our Privacy Statement page. If you wish to request a copy of your information listed with us, you can complete the Personal Information Request form via the above link.

Who can see my personal information and data?

Our customer’s privacy is extremely important to us.  Customer personal information can only be seen and used by staff who need it to do their jobs and provide services to you.

I am no longer an iiNet customer, can you delete my personal information and data?

If we no longer need personal information for the purpose for which it was collected, and if Australian law does not require us to retain that personal information, we are required to destroy or de-identify the information in line with the Privacy Act.

We have strict measures in place to ensure that your personal information can only be seen and used by staff who need it to do their jobs. You can see more information regarding our Privacy Statement on our Privacy Statement page.

What can I do to protect myself against fraud?

Watch out for suspicious calls, SMS and emails asking for your personal information. It is always best to contact the legitimate company if you’re unsure. If you suspect you’ve been a victim of fraud, you should immediately contact your financial service provider. We also have tips on how to keep your personal details safe in our Security Information article.

You can also find valuable information on how to protect yourself from fraud at the websites for the Office of the Australian Privacy Commissioner and Scamwatch.

I transfered my Optus mobile number to iiNet and now want to change my number. Will this affect my credit file?

We can assist you with changing your mobile number. Simply changing your mobile number will not affect your credit file. However, we will need to place an enquiry on your credit file if you have requested a new service and a credit check is applicable. To change your number, please contact us on 13 22 58.

Can I make my service non-transferable and ban SIM swaps?

All service providers have obligations before accepting a transfer request. If someone requests your number to be transferred to us, a 2-way SMS is sent to the number that is being transferred. The transfer will only proceed if the SMS is responded to with the correct code. If you receive a message to transfer your service to another provider that you did not request, please do not respond to the message, and contact your provider as soon as possible. If you receive a message from another provider and you’re with us, contact the provider to request the transfer request is cancelled and let us know.

Keep in mind we are held to industry regulations which don’t allow us to stop numbers being transferred away from us. We are required to give customers freedom of choice for their mobile provider and are not permitted to stop a request to transfer a number out from our network.

SIM swaps can only be processed either through a secure link sent directly to your mobile number. If you receive a link to log in to Toolbox that you didn’t request, please let us know. It’s important be on the look-out for calls or messages requesting information, if this happens, please do not provide your personal information or any links.

Can you make sure that no additional services or connections are created in my name?

We have multi-factor-authentication (MFA) in place for the more involved or complex service requests, to protect your account and information. Before you can add an additional service to your account, we will send you a one-time code before allowing the transaction to proceed. You can read more about MFA in our article.

How do I know if it’s safe to send my photo ID through to iiNet?

Sometimes if we’re unable to verify you and you can’t visit a store, or you’re activating a new service, we may need you to provide documentation so that we can verify you to assist with account queries. We have strict requirements about the use and protection of your details. We have strict measures in place to ensure that your personal information can only be seen and used by those who need it to do their jobs.

Was this information helpful?

Why was it not helpful?

Please select an option

Thank you for your feedback.