Meet the man whose identity was stolen from a government website that cost him $20,000

William Bottom, 23, was ‘blindsided’ by scammers when they stole his identity in 2020

A man has revealed he was stalked by debt collectors, accused of stealing a dozen cars and charged with an accident in a rental car after his identity was stolen.

Blindsided by the ‘total takeover’, 23-year-old William Bottom first became aware that the fraudster was acting on his behalf when $19,000 was taken from his savings.

He told FEMAIL that he was the last person one would expect to fall victim to identity theft because of the priority he places on safety in life and online.

“I couldn’t believe what happened and I kept guessing where I had gone wrong,” he said.

“I wondered if I had used the wrong credit card or handed my license over to some dodgy hotel receptionist or something.”

But he couldn’t have prevented the fraud by being ‘safer’ online, he was one of 103,000 people affected by a Service NSW data breach between March and April 2020.

In fact, he caught the fraud on his debut in late 2020 after logging into his online banking to find two new over the counter withdrawals of $10,000 and $9,000.

“When I called to ask the bank about it I was told it was too early to know where the transactions were made, I later found out they were in branch in Miranda and East Gardens,” he said.

The theft was alarming, but things took a different turn when the bank told Mr Bottom that his real details did not match those in the system.

2GB traffic reporter says his life was affected by the fraudster for a year after he used his credentials for the first time to withdraw $19,000 from his bank

2GB traffic reporter says his life was affected by the fraudster for a year after he used his credentials for the first time to withdraw $19,000 from his bank

The fraudster had altered account verification information, including signature, address, and associated phone number.

“They had a driver’s license with my details but their photo so they could walk straight into the bank, make the withdrawals and change the details to their liking,” he said.

Luckily, Mr Bottom is from Cooma, a small town in the snowy region of NSW, so the cashiers at his local branch were able to help him.

They initially blocked the account to prevent the scammer from accessing the funds, but the scammer simply went to another branch and unlocked them.

“They ended up telling me that my money was not safe with them and that I had to change banks,” he said.

“Which was annoying because I really liked the bank and had been with them since I was in school.”

But the missing money and the banking drama were just the start of Mr. Bottom’s troubles.

The Sydney-based 2GB traffic reporter was quickly hunted down by police and debt collectors for ‘stolen’ cars and unpaid toll notices.

“I own a scooter and a car but when I went to Service NSW they had a whole screen of vehicles registered in my name,” he said.

The car scam was simple, he explained.

“The person would see that you had a car, say a BMW for sale, and take it for a test drive,” he said.

“Then he would write a check, hand over copies of my ID and even take the car salesman to the bank to have the slip deposited.

“Then the next day the car salesman would be told the check had been bounced and would contact the police. They kept calling me asking if I had bought a car, it was confusing at first.

The young man said he was known as

The young man said he was known as “the cautious one” in all his social circles and the least likely to be defrauded.

Police calls have become very regular, with inspectors across the state investigating complaints of stolen vehicles.

Then a rental car taken in Mr. Bottom’s name was smashed and abandoned, leading the company to dispatch debt collectors who demanded the youngster pay.

“I kept trying to tell them it wasn’t me, but I guess everyone says that,” he said.

“They said it was me and they had videos of me going to get the car, but it wasn’t me in the video.”

The fraudster was eventually arrested after being pulled over by Central Coast Police for an unrelated traffic violation.


How often do you change your personal passwords?

  • Never! 43 votes
  • Each month! 17 votes
  • Annual! 15 votes
  • When I’m invited to. 29 votes

“I think it’s over now, he’s been sentenced and will be spending time in jail,” Mr Bottom said.

“For me, I considered it over when the police stopped calling and I stopped getting toll notices every day.”

It took 12 months for the case to be closed after Mr Bottom made his first complaint to the police.

“It’s impossible to catch someone like that because you don’t know who you’re looking for because it’s someone different every day,” he said.

“And it’s frustrating as a victim because every time something new happens you have to go to a different detective at a different station to report it.

“You don’t just get a personal detective assigned to you from the start.”

He learned this first hand after texting detectives from the first complaint when things started to take a turn only to be told that new offenses should be recorded separately.

“I also found that my request seemed insignificant because they are dealing with cases where people have lost millions. So, for me, $20,000 was a lot, but not for the cops dealing with it.

Mr Bottom got his money back and was able to secure it by changing banks, was able to reset the vehicles registered to his Service NSW account and is no longer receiving toll notices.

How to protect yourself online?

Lawrence Patrick is a cybersecurity expert from Zirilio, he shared his top five tips for staying safe online.

1. Change your passwords – chances are the password you’ve been using for years has already been stolen in a data breach and bought and sold multiple times by hackers on the dark web. In other words, your password is no longer secret. Change it.

2. Enable MFA – Enable multi-factor authentication for services you use often and for any service that contains important data. This will require apps and websites to verify your identity with two forms of identification before unlocking your account. This way, a hacker cannot easily access your accounts, even if your password has been stolen or compromised.

3. Pick up the phone – if you receive a suspicious email or text from someone you know, your bank or a business you support, you should take a moment and call them on the phone to make sure that they are genuine. Never call the number given in the suspicious email. Use your contact numbers saved on your phone. If it’s a bank, call the number printed on your debit or credit card.

4. Use the built-in password manager on your phone and in your web browser – it will help you stay organized and even suggest stronger passwords and remember everything. Another benefit is that it can alert you if your data appears on the dark web, so you’ll know when to remove a password and change it.

5. Do not store passwords or secret information in the notes app or a memo app on your phone. This is easy to get if someone recovers your device. Use a password manager and paper backup system instead. You can write down passwords in a notebook to keep them safe and store them with other important documents at home.

He also revealed that there is little chance that your passwords have ever been stolen.

Millions of personal account details have already been stolen and sold multiple times, here’s how you can check:

1. Use a website like “Have I been Pwned” to see if your personal data has been stolen

2. Use Google’s Password Manager to sync your passwords. It will also automatically alert you if it finds evidence that your password or username has been involved in a data breach.

And Apple’s iPhones have the same functionality built-in. Instructions are here.

But he fears the fraudster’s actions will come back to haunt him after discovering his credit rating could have been affected.

“I moved and couldn’t put the electricity under my name because my credit rating was so bad. So my mum had to put it for me in her name,” he said.

“I want to buy a house one day and I’m just wondering if this is all going to come back to haunt me next.”

Mr Bottom believes he was lucky to catch the fraud in its early stages and credits himself with ‘logging into his internet banking services often’ and tracking his spending to notice losses.

“The Christmas after the first batch of money disappeared, the scammer bought KFC and took out $500, but I noticed right away,” he said.

The 2020 data breach affected up to 103,000 Service NSW users and included 738GB of handwritten forms and personal information.

A driver’s license can be purchased by scammers on the dark web for as little as $200.

Comments are closed.