View this article online: https://www.insurancejournal.com/news/international/2022/09/29/687327.htm
Australian telecoms giant Optus must pay the cost of replacing the passports and drivers licenses of millions of customers whose personal information was stolen in one of the country’s biggest data breaches, the government said on Thursday.
The theft of data attached to 10 million customer accounts, equivalent to 40% of Australia’s population, was the result of an error by Optus, so it was up to the Singapore Telecommunications-owned company to pay for the consequences, Assistant Treasurer Stephen Jones said.
“Optus is absolutely responsible for paying for the costs and the implications of this for customers, whether it’s the replacement of a license, whether it’s the replacement of a passport, or other necessary pieces of ID,” Jones told reporters in Sydney. He did not give a dollar figure for the costs.
Telecoms Firm Optus Warns Cyber Attack May Have Exposed Australian Clients’ Details
An Optus representative was not immediately available to respond to Jones’s comments. Optus has apologized for the breach and said it would pay for the most affected customers to receive credit monitoring for a year.
The comments underscore the growing tension between Australia’s government and its second-largest telco as internet companies, banks and government authorities scramble to minimize the risk of being similarly hacked.
The operator of an anonymous account had in an online chatroom demanded $1 million to refrain from selling the Optus customer data, only to later withdraw the demand and apologize, citing heightened publicity. Optus and law enforcement authorities have not verified the demand, although cyber-security experts say it was most likely authentic.
The stolen data included passport numbers, drivers license numbers, government health insurance numbers, phone numbers and home addresses, prompting commentators and lawmakers to demand replacement documents.
Other large internet firms meanwhile said they were running extra cyber-security checks to reduce the risk of a similar breach.
“In light of the recent Optus breach, we have been working closely with our cyber-security partners and the relevant government agencies to increase our checks,” said a spokesperson for No. 3 internet provider TPG Telecom Ltd., which has about 6 million customers.
A spokesperson for Telstra Corp., Australia’s largest internet provider, said in an email: “We will continue to consider what other steps we may need to put in place as we learn more about the Optus incident.”
(Reporting by Byron Kaye)
Related: