The federal government has released planned changes to telecommunications laws following the Optus data breach, which affected nearly 10 million customers and former customers.
Changes to telecommunications regulations will allow drivers licences and Medicare and passport numbers to be temporarily shared with financial services so they can implement enhanced monitoring for people affected by the Optus breach.
Optus will also be able to share that information with Commonwealth and state and territory agencies to assist in fraud detection.
Treasurer Jim Chalmers said the changes would help make customers affected by the breach safer.
"Financial institutions can play an important role in targeting their efforts towards protecting customers at greatest risk of fraudulent activity and scams in the wake of the recent Optus breach," Mr Chalmers said.
"These new measures will assist in protecting customers from scams, and in system-wide fraud detection."
Financial institutions will have to make several undertakings in order to receive the data, including to destroy the information when it is no longer required and to honour privacy obligations.
Institutions will only be able to use the data to help protect consumers from fraud as a consequence of the hack.
The government has also asked the Council of Financial Regulators to examine and report on options to further strengthen the ability for banks and other institutions to identify at-risk customers.
Mr Chalmers and Communications Minister Michelle Rowland said financial institutions had been proactive in the breach — though the government has previously criticised elements of the Optus response, including a delay in notifying that Medicare numbers had also been caught up in the hack.
Ms Rowland said the changes were designed to maintain the privacy and security of sensitive data.
"The proposed regulations have been carefully designed with strong privacy and security safeguards to ensure that only limited information can be made available for designated purposes," she said.
"Our primary concern here is to ensure that we do whatever we can under law to enable ... those risks to be mitigated in terms of ID theft, fraud and other misuse of their data."
Optus' vice president of regulatory and public affairs Andrew Sheridan welcomed the proposal and said it was "about protecting Australians".
"Optus is also pleased the federal government has taken the initiative to form a joint working group with Optus to enhance the coordinated response to the cyberattack," he said.
"We look forward to continuing to collaborate closely with the working group and all governments."
The new regulations will be in place for 12 months.
