Millions of the telco’s customers across the country have potentially had their personal data compromised – including birth dates, addresses, passport and driver’s licence numbers.

“It is the Government’s view that South Australians whose data has been breached through no fault of their own should not be liable to foot the cost of replacing their driver’s licence, and given the scale of this attack the Government has decided to waive the usual $20 replacement fee,” said Minister for Transport and Infrastructure Tom Koutsantonis has announced.

Optus customers who have already paid a fee for a replacement licence can apply in person at their Service SA for a refund.

No effort is being spared in looking into the breach, with the FBI joining the Australian Federal Police in probing the alarming incident.

Attorney-General Mark Dreyfus revealed the international cooperation as the group behind the breach scrapped its ransom demand and claimed to have deleted the 11 million customers’ records it scraped from the telco’s website.

The attempt to force Optus to pay $US1 million ($A1.54 million) by Friday was dropped hours after the group released a batch of 10,000 Australian customers’ sensitive details on a data breach forum on the clear web.

The illegally obtained information also includes, Medicare numbers as well as whether a person is renting or living with parents.

The hackers said they would have alerted Optus to its vulnerability if the telco had a secure method to contact or a bug bounty.

Dreyfus told parliament a whole-of-government response had been launched, with the AFP not only working with government and industry but also the FBI.

The attorney-general also expressed concern Optus did not report the exposure of Medicare numbers in the breach.

Opposition defence spokesman Andrew Hastie described the government’s response to the hack as “lacklustre and slow”.

The opposition is calling for the government to waive fees and expedite the processing of new passports for Optus customers whose passport numbers had been compromised.

“Victims of the Optus cyber hack should not have to wait or pay significant amounts of fees to secure their personal information, and obtain a new passport,” shadow foreign affairs spokesman Simon Birmingham and shadow cyber security spokesman James Patterson said in a statement.

They said the Department of Foreign Affairs was advising on its website that “if you choose to replace your passport you’ll have to pay” as the department was not responsible for the data breach.

Optus says it has sent email or SMS messages to customers whose details were compromised and apologised for the concern it has caused.

But it insists payment details and account passwords were not compromised as a result of the attack.

The privacy commissioner has urged Optus customers to be vigilant and not click on any links in text messages.

-with AAP