It seems that this thieves somehow got hold of this woman's phone number, phone company, name and presumably email address. From that they rang up the service provider - optus - were able to close down her sim card and transfer her number to their own sim card.
Then they got into her email by using the recovery sms function, from which they got bank account information. Got into her facebook account in the same way and got her date of birth. In other countries there is a separate security box/calculator thingy for internet banking, but in Australia security codes for transferring money are sent to your phone by text. So they could then hack into her internet bank and steal some money.
I am trying to figure out how this was done: 1. Did they have additional id information about this woman, as presumably the phone company would have asked for it? Optus is refusing to comment apparently. 2. Did having the sms recovery function on email and facebook allow this to happen? From which they got her date of birth and bank account details. 3. Is then possible to change your internet banking password using information on bank statements? (I have done it, but can't remember.)
So much security information in Australia goes through your phone, internet banking, centrelink, medicare. Also it really can be that easy to change your sim card and keep the same number. I did in a shop going from a micro-sim to a nano-sim. But I did need to show id, but it took seconds.
So basically, from that article it seems that all that was needed was this woman's name, phone number and telephone operator to hack into her phone. The fact that she enabled the sms password recovery option on her email and facebook meant that they could get into her bank account. Is there anything else that she did that may have allowed this to happen?