It’s set to be one of the biggest privacy breaches in Australia’s history. The data breach at Optus has sparked questions about the poor communication by the Optus public relations team.
Ten million Optus customers past and present have been affected by the data breach and customers are expressing their frustration at the telco’s communication.
Customers describe feeling disappointed because they were not notified by Optus of the data breach, but rather through the media.
The information that has been exposed includes customers’ names, dates of birth, phone numbers and email addresses, as well as ID documents, including licence numbers and passport numbers.
Optus did not directly contact the customers and rather put statements on its media webpage to address the situation.
One of them states, “The security of our customers and their data is paramount to us. We did this as it was the quickest and most effective way to alert as many current and former customers as possible, so they could be vigilant and monitor for any suspicious activity. We are now in the process of contacting customers who have been impacted directly.”
One disgruntled customer and Twitter user expressed the following statement.
Thanks for letting your “valued customers” know. Seems your systems were fine to send my bill today. I found out about the data breach because I am watching the football on TV and there was a news update at half time. NOT GOOD ENOUGH!!!
— Mike Steell (@1truesteelly) September 22, 2022
What is a data breach?
The Australian Government lists a data breach as when personal information is accessed, disclosed without authorisation or lost.
A data breach can harm any individual whose personal information is affected.
Optus outlined four days after the cyberattack that its priority is to communicate with customers whose information has been compromised.
The biggest risk that comes from this cyberattack is identity theft. This occurs when criminals steal information to demand money or gain other benefits such as getting a mortgage, passport or a new phone account.
In response, Optus is offering the “most affected” current and former customers the option of taking up a 12-month subscription to Equifax Protect at no cost.
Equifax Protect is a credit monitoring and identity protection service that can help reduce the risk of identity theft. Optus states that no passwords or financial details have been compromised.
Customers are complaining that there was no immediate communication about whether or not their data was breached.
One customer spoke to the Guardian Australia and said they received an email two days after the data breach was announced.
In remarks made to Parliament earlier this week, Home Affairs Minister, Clare O’Neil, said, “The breach was of a nature that we should not expect to see in a large telecommunications provider in this country.”
It has been alleged that the hacker has posted on an online forum that they will release 10,000 customer records unless a $1 million ransom is paid.