Friday 23 September 2022 02:50 AM Optus CEO Kelly Bayer Rosmarin's emotional apology after millions of customers ... trends now
The Optus CEO has issued an emotional apology after the personal details of nearly 10 million customers were potentially stolen by overseas hackers.
The massive cyber breach allowed hackers to access the personal details of the telco's customers including passport and driver's licence numbers, email and home addresses, dates of birth and telephone numbers.
The company's boss Kelly Bayer Rosmarin confirmed payment details and account passwords had not been compromised but admitted she felt 'terrible' the breach had happened under her watch.
'I think it's a mix of a lot of different emotions,' she said looking downcast.
'Obviously I am angry that there are people out there that want to do this to our customers, I'm disappointed we couldn't have prevented it.
The telco's boss Kelly Rosmarin confirmed payment details and account passwords had not been compromised but admitted she felt 'terrible' the breach had happened under her watch
'I'm very sorry and apologetic. It should not have happened.'
Ms Bayer Rosmarin also revealed that the IP addresses linked to the hackers had moved around various European countries, and that it was a 'sophisticated' breach.
She added it was too soon to tell if it was a criminal organisation or another state was responsible for the attack.
The data that was potentially stolen has been dated back to 2017.
Ms Bayer Rosmarin said the reported figure of 9.8million people had had their data breached was the 'worst case scenario', and Optus expected the number to be much fewer.
'It's a small subset of data, it does not include any financial details, it does not include passwords,' she said.
It comes after Optus was called out for failing to tell close to millions of customers their personal details had potentially been stolen for almost 24 hours.
Optus Regulatory and Public Affairs Vice President Andrew Sheridan said the company learnt of the breach late on Wednesday.
He was forced to defend the telco when 2GB host Ben Fordham questioned why they had waited until Thursday at 2pm to issue a press release.
Optus has been called out for waiting nearly 24 hours to tell close to 10 million customers their personal details had potentially been stolen by hackers
Fordham said The Australian newspaper had first broken the news about the breach at 1pm on Thursday, only for Optus to publish a release an hour later.
'You knew about it on Wednesday ... it was only after The Australian newspaper splashed the story on their website (on Thursday) that you put out a statement,' Fordham said on his radio breakfast program on Friday.
'If you're interested in protecting your customers why didn't you alert them the moment you were aware of this potential breach?'
Mr Sheridan said that there was a 'number of steps' that had to be taken in cyber incidents.
'I think if you look at incidents like this we've acted very, very quickly,' he said.
He was then cut off by Fordham who said he didn't think the telco had acted fast enough.
'I've got to call you out on that Andrew, I don't think you've acted quickly at all,' he said.
Optus Regulatory and Public Affairs Vice President Andrew Sheridan said the company learnt of the breach late on Wednesday. A press release was not issued by Optus until Thursday
'We've seen many of these cases in the past where companies have said ''we don't know if there's been a breach, there's been a potential breach, we want to alert you straight away'' - you guys didn't do that, you failed to do that.'
Mr Sheridan wouldn't confirm the number of customers who'd been affected but said the investigation was ongoing.
He added Optus had to confirm the details of the breach and secure their network before they were able to alert customers.
The millions of customers impacted are being contacted by the telco.
Customers have been told not to click on any links sent in a message appearing to be from Optus.
Optus said users' payment details and account passwords had not been compromised and it
