Optus Data breach with Optus dragged to covering more costs and it becoming a mini political battle ground

October 2, 2022

Optus is very slowly applying the basic principles of a data breach response plan.  But grudgingly and so reluctantly that the benefits of having a plan are lost. It refused to provide any help initially to those affected, merely suggesting they get assistance from services it helpfully listed in its original letter.  That never works.  So it engaged Equifax to help “most affected customers.”  Still miserly.  It wasn’t candid about what personal information was compromised.  It failed to say that some Medicare numbers were part of the hacker’s haul.  That brought on a savage response from the Home Affairs Minister.

With Operation Guardian, the taskforce and an investigation by the Australian Federal Police to find the hacker, the focus has shifted ever so slightly away from the incredibly poor response to the data breach. On 30 September Optus, the Australian Federal Police and other agencies and organisations issued a joint media release about the Optus data breach, which states:

The AFP and state and territory police have set up Operation Guardian to supercharge the protection of more than 10,000 customers whose identification credentials have been unlawfully released online under the Optus data breach.

Customers affected by the breach will receive multi-jurisdictional and multi-layered protection from identity crime and financial fraud. The 10,000 individuals, who potentially had 100 points of identification released online, will be prioritised.

Somebody in government realises that the Australian data breach notification regime is “bloody useless”. Hardly a revelation.

Politics and cyber security continue to occupy the same field in what is now the Optus data breach saga.  In ‘Bloody useless’: Companies could be forced to report data breaches after hacks, the Home Affairs Minister Clare O’Neil has expressed exasperation about the weakness, if not uselessness, of the data breach notification regime.  It has hardly been a secret.  Right at the outset the weaknesses of the data breach notification scheme were obvious.  It has hardly been a surprise. I have been writing on this for ages.
