Australia’s No. 2 telco Optus, government clash over massive data breach
2022.09.26 22:34
© Reuters. FILE PHOTO: A woman uses her mobile phone as she walks past in front of an Optus shop in Sydney, Australia, February 8, 2018. REUTERS/Daniel Munoz
SYDNEY (Reuters) – Australia’s No. 2 telecoms firm Optus, hit by a massive data breach, on Tuesday said its cyber defences were strong, contradicting the government’s analysis as reports emerged that hackers had released data for tens of thousands of customers.
The Australian federal government has blamed Optus for the breach, flagged an overhaul of privacy rules and more fines, and suggested the company had “effectively left the window open” for hackers to steal data.
Optus Chief Executive Kelly Bayer (OTC:) Rosmarin said there was lot of “misinformation out there”.
“Given we’re not allowed to say much because the police have asked us not to, what I can say … is that our data was encrypted and we had multiple players of protection,” Rosmarin told ABC Radio.
“So it is not the case of having some sort of completely exposed API (application programming interface) sitting out there,” Rosmarin added. An API allows two or more computer programs to communicate with each other.
Rosmarin said Optus had briefed authorities after the government’s initial review of the incident. She said most customers understand that “we are not the villains” and that the company had not done anything deliberate to put data at risk.
Singapore Telecoms-owned Optus revealed last week that home addresses, drivers’ licenses and passport numbers of up to 10 million customers had been compromised in one of Australia’s biggest data breaches.
Australian media reported that hackers released the information of about 10,000 customers in an online forum and threatened to release more unless Optus paid $1 million in cryptocurrency.
Rosmarin said “the Australian Federal Police (AFP) is all over that.”
The AFP said it has been working closely with overseas law enforcement agencies to find the perpetrators.
Australia’s Council Of Financial Regulators, which includes the central bank, on Tuesday said its members have been working together in response to the cyber attack.
