The second-largest telecoms operator, Optus, was criticized by the Australian government in the harshest possible terms on Sunday for a cybersecurity compromise that affected the equivalent of 40% of the nation.
The government demanded that Optus, which is owned by Singapore Telecommunications, quickly notify the 10,200 consumers whose personal information was disclosed in one of the worst cybersecurity breaches in the nation. The incident, which affected 10 million accounts, was attributed to Optus.
In a televised news conference from Melbourne, Home Affairs Minister Clare O’Neil said, “Optus has put us here. We shouldn’t be in this position. Australians must now take all reasonable efforts to safeguard themselves against financial crime, which is crucial.
Optus stated on Sunday that it was closely collaborating with federal and state government organizations to identify if clients required any action, but it was still waiting for more information on the situation of customers whose details had expired.
An Optus representative stated in email remarks, “We continue to engage constructively with governments and their different bodies to mitigate the impact on our consumers.”
When asked if Optus had discovered the method by which the breach happened, the representative remained silent.
The corporation published a full-page apology for the “devastating” breach that it initially disclosed on September 22 in major Australian newspapers on Saturday. Later, an anonymous person wrote online that they would continue to reveal the personal information of 10,000 Optus customers every day until they earned $1 million.
O’Neil stated that the search by Australian authorities for the individual or individuals responsible for the Optus breach is “progressing well” and that they would provide an update this week.
She did add that Optus should increase its efforts to call, rather than just email, anyone whose identification data was made public online to let them know they are at danger.
O’Neil urged anyone who had received notice to revoke their passports or other forms of identity and obtain new identification as soon as possible, saying that this was “a time for great vigilance for Australians.”
According to Government Services Minister Bill Shorten, Optus had not provided the government with information about customers who had provided their Medicare health care cards or other social services information for identification purposes for Optus accounts five days after it had been requested.
At the joint media conference, he told reporters, “We call upon Optus to recognise that this breach has caused systemic problems for 10 million Australians in terms of their personal identification.”
Shorten added, “We know Optus is doing what it can, but having said that, it’s not enough. It is now important to defend Australians’ privacy against criminals.
In order to provide the government greater authority to respond to cyber security emergency occurrences, O’Neil stated Australia needed to amend its cybersecurity legislation.
