Optus hires Deloitte to review the recent cyber attack

Telecoms giant Optus said it is appointing professional services firm Deloitte to conduct an external review of the recent cyber attack, and its security systems, controls and processes.
Optus cyber securityDeloitte will undertake a forensic assessment of the cyberattack and the circumstances surrounding it.

Optus Chief Executive Officer Kelly Bayer Rosmarin said the forensic review would play a crucial role in the response to the incident for Optus.

“This review will help ensure we understand how it occurred and how we can prevent it from occurring again. It will help inform the response to the incident for Optus. This may also help others in the private and public sector where sensitive data is held and risk of cyberattack exists,” Kelly Bayer Rosmarin said.

Deloitte’s specialists will work with the Singtel and Optus teams and other international cyber experts.

Optus said personal information and at least one valid form of identification of about 1.2 million customers was compromised in the cyber security incident.

The data breach last month by an anonymous online account, which affected 10 million plus mobile phone customers, equivalent to around 40 percent of Australia’s population, attracted  criticism from the government.

Optus said the breach also affected expired IDs and personal information of about 900,000 customers and clarified that the exposed information did not contain valid or current document ID numbers for some 7.7 million customers.

The company’s parent Singapore Telecommunications Ltd (Singtel) said it was assessing the cost of the massive breach at Australia’s second-largest telecoms operator.

Optus said it informed the affected mobile phone customers about the data breach after the Australian government urged it to speed up its notification to 10,200 customers whose personal information were made public.