Meet the man whose identity was stolen from a government website costing him $20,000

William Bottom, 23, was 'blindsided' by scammers when they stole his identity in 2020

William Bottom, 23, was ‘blindsided’ by scammers when they stole his identity in 2020

A man has revealed how he was hounded by debt collectors, accused of stealing a dozen cars and blamed for an accident in a hire car after his identity was stolen.  

Blindsided by the ‘total takeover’ William Bottom, 23, first became aware of the fraudster acting on his behalf when $19,000 was taken from his savings.

He told FEMAIL he was the last person anyone would expect to be the victim of identity fraud because of how he prioritises safety in life and online.

‘I couldn’t believe what had happened and just kept second-guessing where I had gone wrong,’ he said.

‘I wondered if I had used a bad credit card or if I had handed my licence to a dodgy hotel receptionist or something.’ 

But he couldn’t have prevented the fraud by being ‘safer’ online, he was one of 103,000 people impacted by a Service NSW data breach between March and April, 2020. 

In fact he caught the fraud in its early stages in late 2020 after logging into his online banking to find two fresh over the counter withdrawals of $10,000 and $9,000. 

‘When I called to ask the bank about it I was told it was too early to know where the transactions were made, I later found out they were in-branch at Miranda and East Gardens,’ he said.  

The theft was alarming but things took another turn when the bank told Mr Bottom his real details didn’t match those in the system.

The 2GB traffic reporter says his life was impacted by the fraudster for a year after they first used his ID information to take $19,000 from his bank

The 2GB traffic reporter says his life was impacted by the fraudster for a year after they first used his ID information to take $19,000 from his bank

The fraudster had changed the verification information for the account including the signature, address and linked phone number.

‘They had a driver’s licence with my details but their photo, so they were able to walk straight into the bank, make the withdrawals and change the details to suit them,’ he said. 

Fortunately Mr Bottom comes from Cooma, a small town in the NSW snow region, so the tellers at his local branch were able to help. 

They initially put a block on the account to stop the fraudster accessing funds but the conman simply went to another branch and unlocked them.

‘They ended up telling me my money wasn’t safe with them and that I had to change banks,’ he said.

‘Which was annoying because I really liked the bank and had been with them since I was in school.’

But the missing money and bank drama was just the start of Mr Bottom’s problems.

The Sydney-based 2GB traffic reporter was soon being hounded by police and debt collectors over ‘stolen’ cars and unpaid toll notices.

‘I own a scooter and a car but when I went in to Service NSW they had a whole screen of vehicles registered in my name,’ he said.

The car con was a simple one, he explained.

‘The person would see you had a car, for example a BMW for sale and take it for a test drive,’ he said.

‘Then he would write a cheque, hand over copies of my ID and even take the car seller to the bank to have the slip deposited.

‘Then the next day the car seller would be told the cheque bounced and contact the police. They kept calling me to ask if I had bought a car, it was confusing at first.’

The young man said he is known as 'the careful one' in all of his social circles and the least likely to become a victim of fraud

The young man said he is known as ‘the careful one’ in all of his social circles and the least likely to become a victim of fraud

The police calls became very regular with inspectors all over the state looking into stolen vehicle complaints.

Then a hire car taken out in Mr Bottom’s name was smashed and abandoned which led to the company sending debt collectors who demanded the youngster pay up.

‘I kept trying to tell them it wasn’t me but I guess everyone says that,’ he said.

‘They said it was me and they had videos of me going in to get the car, but it wasn’t me in the video.’ 

The fraudster was finally caught after being stopped by police in the Central Coast for an unrelated traffic offence.


How often do you change personal passwords?

  • Never! 43 v
  • Every month! 17 votes
  • Yearly! 15 votes
  • When I am prompted to. 30 votes

‘I think it is over now, he has been sentenced and will spend some time in jail,’ Mr Bottom said. 

‘For me I considered it over when the police stopped calling and I stopped getting toll notices delivered every day.’ 

It took 12 months for the case to be wrapped up after Mr Bottom made his first complaint to police.

‘It is impossible to catch someone like that because you don’t know who you’re looking for because they are someone different every day,’ he said. 

‘And it is frustrating as a victim because every time something new happens you have to go to a different detective at a different station to report it.

‘You don’t just get a personal detective assigned to you from the get go.’

He learned this first-hand after texting the detectives from the first complaint when things began to take a turn only to be told new offences need to be logged separately.

‘I also found that my claim seemed insignificant because they are dealing with cases where people have lost millions. So to me $20k was a lot but not to the cops dealing with it.’ 

Mr Bottom got his money back and was able to secure it by changing banks, was able to reset the registered vehicles on his Service NSW account and no longer gets toll notices.

How can you protect yourself online? 

Lawrence Patrick is a cyber safety expert from Zirilio, he has shared his top five tips to staying safe online.

1. Change your passwords – there is a good chance that password you’ve been using for years has already been stolen in a data breach and bought and sold several times by hackers on the dark web. In other words, your password is no longer secret. Change it. 

2. Turn on MFA – Activate multi-factor authentication for services you use often and for any service that contains important data. This will require apps and websites to verify your identity with two forms of ID before unlocking your account. This way a hacker can’t easily access your accounts, even if your password has been stolen or compromised. 

3. Pick up the phone – if you receive a suspicious email or text from someone you know, your bank, or a business you support, you should take a moment and call them on the phone to make sure it is genuine. Never call the number listed in the suspicious email. Use your stored contact numbers on your phone. If it is a bank, call the number printed on your debit or credit card.

4. Use the built-in password manager on your phone and in your web browser – it will help you stay organized and will even suggest stronger passwords for you and remember everything. Another advantage is that it can alert you if your data appears on the dark web, so you will know when to retire a password and change it up. 

5. Don’t store passwords or secret information in the notes app or a memo app on your phone. This is easy to obtain if someone gets your device. Instead, use a password manager and a paper backup system. You can write passwords in a notebook for safe keeping and store it with other important documents at home. 

He has also revealed that there is a slim chance your passwords have never been stolen.

Millions of personal account details have already been stolen and sold several times over here is how you can check:

1. Use a website such as ‘Have I been Pwned’ to see if your personal details have been stolen

2. Use the password manager from Google to sync your passwords. It will also automatically alert you if it finds evidence that your password or ID was involved in a data breach. 

And Apple iPhones have the same feature built in. Instructions are here

But he is afraid the fraudster’s actions will come back to haunt him after he found out his credit rating could have been impacted.

‘I moved house and couldn’t put electricity on under my name because my credit score was so bad. So my mum had to put it on for me in her name,’ he said.

‘I want to buy a house one day and I just wonder if this is all going to come back to haunt me then.’ 

Mr Bottom feels he was fortunate to catch the fraud in its early stages and credits ‘logging on to his internet banking often’ and tracking his spending to noticing the losses.

‘The Christmas after the first lot of money disappeared the fraudster bought KFC and took out $500 but I noticed straight away,’ he said.

The 2020 data breach impacted up to 103,000 Service NSW users and included 738GB of handwritten forms and personal information.

A driver’s licence can be bought by fraudsters on the dark web for as little as $200.