Australia: Optus to Pay for Data Breach

Improve the News Foundation -

Facts

  • After a cyber attack on telecommunications company Optus compromised the data of around 10M customers last week, the Australian government on Wednesday called for the company to pay to replace the stolen documents to avoid identity fraud.
  • The most sensitive data compromised included the passports and driver's licenses of around 2.8M customers and some people's healthcare ID numbers. However, the health minister said the government hasn't yet decided whether Medicare cards need to be replaced.
  • PM Anthony Albanese rejected opposition lawmakers' calls for the government to waive the costs of replacing the documents, telling parliament, "We believe Optus should pay, not taxpayers."
  • With this hack affecting roughly 40% of Australia's population and tensions building between the government and the Singapore Telecommunications-owned firm, other internet companies, banks, and government entities are scrambling to ensure they don't face a similar hack.
  • Optus, Australia's second-largest telecom firm, hasn't responded to the government's request but has offered to provide one year's worth of credit to the customers most affected.
  • The hack comes after Optus has repeatedly opposed changes to the country's Privacy Act that would allow customers to request that their personal data not be stored in a company's database.

Sources: Exchange Wire, ABC, Techxplore, and Reuters.

Narratives

  • Establishment-critical narrative, as provided by ZDNET. Australians' data wasn't stolen through a complex and sophisticated attack; rather, Optus was left incredibly vulnerable through its own dereliction. Not only should Optus pay to replace all of the documents, but it should face extra financial penalties for its recklessness. It's time telecom companies take responsibility for their lax cybersecurity and the government raise the standards through legislation.
  • Pro-establishment narrative, as provided by Red Education. Cyber hacks are an increasing trend in today's digital world, and hacks like these aren't unique to Optus. The company now faces repercussions far beyond just fines: the inevitable damage to its reputation will likely far outweigh any punishment the government can impose.