Optus Mobile has been fined another $826,320 for violating telco anti-scam rules, this time involving its Coles Mobile business.

The penalty comes after the Australian Communications and Media Authority (ACMA) launched an investigation into the telecommunications company.

According to ACMA, Optus breached anti-scam rules on 44 occasions in September and October last year via its Coles Mobile operations, a partnership whereby people can sign up for a mobile contract with Coles supermarket.

The investigation found that scammers exploited a vulnerability in a third-party identity verification system used by Optus. 

This weakness enabled scammers to bypass parts of the required verification process, gain control of at least four consumers’ mobile services, and access their bank accounts, resulting in reported losses of $39,000.

Authority member Samantha Yorke said such scammer attacks can result in financial losses and lasting distress from having to recover digital identities.

“While this was a one-off issue which was quickly remediated, it is inexcusable for any telco not to have robust customer ID verification systems in place, let alone Australia’s second largest provider,” Yorke said.

“This is the maximum financial penalty the ACMA was able to give in this matter. It reflects the serious nature of the breaches,” she added.

The latest fine added to the already massive penalty that Optus has received this year for its regulatory breaches.

In September, the Federal Court ordered the company to pay a $100 million fine for unconscionable sales conduct, which affected over 400 consumers and occurred at 16 Optus stores between August 2019 and July 2023.