Dear customer,

As you know, Specsavers Optometrists Bundaberg Sugarland recently underwent a new shop fit out and relocation to make way for the new Audiology business. The store was temporarily closed during this time to allow for construction works to take place. We are writing to you to let you know about an incident that occurred during these works.

We respect your privacy and the information we hold about you. As the incident could affect personal information you have disclosed to us, we wanted to share with you what has happened and give you some comfort around the measures we are taking to protect your privacy.

What happened?

During the fit out works, a range of building materials and IT equipment, including a password-protected computer server went missing from an onsite storage facility. After becoming aware, we notified law enforcement and launched our own investigation. Despite our best efforts and the assistance of law enforcement, we have been unable to recover the items that went missing.

There is no evidence that any of the information on the server has been accessed. Our efforts to recover the server are ongoing but we are letting you know so that, if you are concerned, you can take the precautionary steps to protect your personal information. The server may include files containing your personal information.

What personal information was involved in the incident?

Depending on the information that you have provided to the store, the server contents may include your name, date of birth, address, phone number, email address,clinical records of your optometry tests, and Medicare details. No credit card or other financial or payment information are involved.

Again, we have seen no evidence suggesting that your personal information has been accessed or used in any way, but we value your privacy and it is important that you are aware of the possibility of unauthorised access and misuse.

We have notified and sought expert advice from the Department of Human Services and IDCARE (Australia’s national identity and cyber support service) on the potential risks to you and the most appropriate actions for you, and us, to take. We have set out below the steps you may consider taking as a precautionary measure.

We are deeply sorry for the inconvenience this may cause you and want to reassure you that we take the security and confidentiality of personal information very seriously.

What action have we taken?

After becoming aware of the incident, Specsavers took the following steps:

  1. Notified law enforcement and assisted law enforcement with their investigation;
  2. Conducted a detailed investigation into the incident, including an audit to identify the personal information stored on the server;
  3. Engaged our information security department to monitor online environments for any suspicious activity involving customer personal information;
  4. Reported the incident to the Commonwealth Department of Human Services which has added additional security measures to your Medicare record. These measures aim to detect fraudulent activity. There is nothing you need to do. If the department detects any unusual or fraudulent activity, they will contact you.
  5. Engaged IDCARE to assist in understanding the risks to personal information and the precautionary measures available to affected individuals to address those risks;
  6. Notified the Office of the Australian Information Commissioner.

What should I do?

Specsavers is working with IDCARE to provide you with information on the suggested precautionary measures you can take to protect your personal information from any risk of misuse. This service is available at no cost to you, and any associated costs of engaging IDCARE will be met by us.

IDCARE has recommended that you be vigilant about telephone calls, emails and SMS messaging received, including those that appear to come from Specsavers. There is a risk that an unauthorised third party may use your personal information to facilitate a phishing call or email attempting to induce you to reveal credit card numbers, bank details or other sensitive information and provide a link. When requests for personal information are made by an unexpected caller, it is always best to disconnect the call and (if appropriate) contact the organisation directly on a number you have sourced yourself. Be cautious about clicking on links or attachments on communications you are not expecting. Do your own research and explore alternative contact methods for the sender.

What else can I do?

If you have any concerns or questions about what to do, IDCARE’s services may be accessed by calling 1300 432 273 between 8am and 5pm Monday to Friday (AEST) and by quoting the unique referral code SPC-IDC1.

If you have a complaint, please contact our office on the details below and we will assist you as promptly as possible:

Organisation name: Specsavers Bundaberg Sugarland (QLD) Pty Ltd

Registered Address: 520 Graham Street, Port Melbourne, VIC 3207

If we are unable to resolve any complaint you may have in relation to the handling of your personal information, you may wish to contact the OAIC. The OAIC’s contact details are as follows:

Enquiry line: 1300 363 992
Address: GPO Box 5218, Sydney NSW 2001.

Specsavers Optometrists Bundaberg Sugarland


IDCARE is here to provide you with specialist support and guidance when faced with a cyber and identity related issue. Contact one of our Identity & Cyber Security Case Managers to learn more about our Support Services and how we can help you.   
Call Centre Icon

call our AUSTRALIAn

1800 595 160
‍Mon - Fri : 8am - 5pm AEST

Call Centre Icon

call our NEW ZEALAND

0800 121 068
Mon - Fri: 10am - 7pm NZST