A man has been arrested in relation to an alleged text messaging scam related to the Optus data breach.

A 19-year-old Sydney man has been charged for allegedly attempting to misuse stolen Optus customer data in a text message blackmail scam.

The Rockdale man is scheduled to appear in Sydney Central Local Court at a later date to face two offences that carry maximum penalties of up to 10 years in jail.

Australian Federal Police allege the man used information obtained from the leak in a text message scam targeting Australians.

Assistant Commissioner Cyber Command Justine Gough said on Thursday the man was not suspected of being the individual responsible for the Optus breach but allegedly tried to financially benefit from the stolen data that was dumped on an online forum.

Federal police say an investigation was sparked when their Operation Guardian became aware of text messages demanding some Optus customers transfer $2000 to a bank account or face their personal information being used for financial crimes. The data used by the alleged offender to identify these customers was from the 10,200 stolen records posted online after last month’s Optus breach.

The AFP said it identified a bank account, which was in the name of a juvenile, that it would allege was being used by the man.

The AFP said it would allege that texts were sent to 93 Optus customers who had their data exposed on an internet forum. So far, it appears non of those targeted sent any money to the account.

The federal government and AFP are still investigating the source of the cyber attack and are yet to arrest the hackers.

Tweet from @cokeefe9

Earlier on Thursday, the federal government announced its response to data breach, with changes to the telecommunications laws.

Almost 10 million Optus customers, and former customers, were affected by the September data hack, with sensitive passport, licence and Medicare details stolen.

Treasurer Jim Chalmers on Thursday said the government would change telecommunications regulations that would help enhanced monitoring for people affected by the breach.

Dr Chalmers said the amended legislation would allow drivers’ licences, and Medicare and passport numbers to be temporarily shared with financial services.

Optus will be also be able to share that sensitive information with Commonwealth, and state and territory agencies to assist in fraud detection.

Dr Chalmers said the changes would help make customers affected by the breach safer from identity theft and fraud.

“Financial institutions can play an important role in targeting their efforts towards protecting customers at greatest risk of fraudulent activity and scams in the wake of the recent Optus breach,” he said.

“These new measures will assist in protecting customers from scams, and in system-wide fraud detection.”

Financial institutions will need to make undertakings before they can receive the data, including to agreeing to destroy the information when it is no longer required and to honour all privacy obligations.

They would only be able to use the data to help protect consumers from fraud as a consequence of the hack.

The Council of Financial Regulators has been asked by the government to identify options to further strengthen the ability of banks to identify at-risk customers.

Dr Chalmers and Communications Minister Michelle Rowland said financial institutions had been proactive in the breach, despite the government previously criticising elements of the Optus response.

Minister for Government Services Bill Shorten last week slammed Optus for a delay in notifying that Medicare numbers had also been caught up in the hack.

Ms Rowland said the legislation changes were designed to maintain the privacy and security of sensitive data.

“The proposed regulations have been carefully designed with strong privacy and security safeguards to ensure that only limited information can be made available for designated purposes,” she said.

The new regulations will remain in place for one year.

-with AAP