Optus’ Data Breach

Optus has exposed millions of customers’ data to hackers

Optus announced a significant cyber-attack in September, compromising the personal data of almost 10 million customers, including contact details, addresses, names, and dates of birth. The telco later confirmed that at least 2.1 million ID numbers were exposed, including data from 150,000 passports and 50,000 Medicare numbers. The result has been a wave of criticism for the second-largest telco in Australia. 

Customers have complained about Optus’ handling of the data breach, especially the lack of information from the telco. Customers wanted to know which data was exposed and which identification documents to replace, but Optus moved slowly.

Current and former Optus employees have also voiced complaints about the telco. Many claim that the company’s Australian leadership is either flawed or inefficient because Optus’ parent telco, Singtel, makes all the decisions from Singapore.

The criticism doesn’t come as a surprise, given that this isn’t the first time Optus and Singtel have either lost or mishandled customers’ data.

Here’s a brief look at some past Optus-related privacy incidents:

  • Singtel, Optus’ parent company, recently admitted that personal data of 129,000 customers and 23 businesses was compromised two years ago in a separate cyber attack.
  • In 2014, Optus claimed that the names of about 122,000 customers were accidentally released to the phone directory after they made it clear that they didn’t want to be in the phone book. At the time, the telco blamed the “accident” on a “system error”.
  • Five years later, in 2019, Optus again released an additional 50,000 customers’ information to the phone directory, blaming yet another “system error”. The telco is currently under investigation for that incident.

How customers have reacted to Optus’ recent data breach

Optus is one of many firms to experience a data breach. However, customers have voiced concerns over how the telco has handled the incident so far, and for good reason.

Roy Morgan recently conducted a special telecommunications industry Trust Survey through a snap SMS poll to determine which telcos Australians trust and distrust, and their concerns about the Optus data breach. The survey asked 1,241 Australians aged over 18 about their trust in telcos and their worries about Optus following the breach. Here’s what they found:

  • Almost one-third of Australians actively distrust telcos
  • More than 50 per cent of Australians distrust “All” brands or do not trust any brand at all.
  • Optus is now the most distrusted telco in Australia, and Telstra is now more trustworthy than Optus (a very rare feat).

In another Roy Morgan survey just a couple of months ago, in August, Optus had a marginal trust-to-distrust ratio. Things have changed since then: the latest report indicates that Optus has suffered significant distrust over the breach and how it handled it afterwards.

The new Roy Morgan survey delved into the issues of customer concerns. Here are a few critical statements from Australians:

  • “Breaches are always happening with large companies. It worries me that companies do not take more responsibility to compensate for losses.”
  • “My data is now for sale, there’s nothing they will do about it and I’m in a locked in contract so I can’t change providers.”
  • “There’s a lack of information over how it occurred and who is behind it.”
  • “It’s personal information. I am a former customer and I question why they still have my information on file and if it was not destroyed when I left them.”

What makes matters worse is that this is not the first time Optus has either lost or mishandled customer data. Recall that Singtel, Optus’ parent company, recently admitted to a breach affecting the data of 129,000 customers, along with 23 businesses. Also, recall that Optus “accidentally” handed over customer data to the phone directory twice.

Customer displeasure is nothing new when it comes to the industry. Over the years, we have conducted several surveys to measure Australians’ trust and distrust of telcos. One of those surveys indicated that over 20 per cent of Australians do not trust their telcos “at all”, while less than 5 per cent trust their telcos completely. 

Figure: How much do you trust your telco? Only 5% of Australians trust their telcos “completely”.

With the recent Optus data breach and mishandling, perhaps telco distrust is here to stay.

Optus employees also want to leave the telco

Customers are not the only ones criticizing Optus. Both current and former employees of the giant telco have also voiced concerns and actually want to leave.

The Sydney Morning Herald has reported that several former senior Optus executives describe Optus as “…underequipped in areas such as compliance, government relations, communications and security.” According to them, Optus leadership are “cheapskates” and “Everything is decided by Singapore.” Recall that Optus’ parent company, Singtel, is based in Singapore, which has a one-party rule system. Those former employees claim that the Singaporean leadership avoids hearing about problems with the telco, which often leaves issues unsettled until it’s too late.

Final words

What is clear is that Optus mishandled the events following the data breach. While hacks have become commonplace in today’s digital age, firms must handle such incidents swiftly to preserve trust. In this case, customers were kept in the dark for too long, questions went unanswered, Optus senior executives kept mum, and CEO Bayer Rosmarin took a combative role against the media, the government, and experts.

While this may surprise many, the unspoken truth in telco board rooms around the country is that no one who works for a phone company expects their customers to trust them. As a former telco employee who has worked for a few of the marketing departments staffing large telcos, I know it’s almost impossible to be an honest telco in Australia. The industry is used to such misleading explanations of what is in phone plans that for a single phone company to talk honestly about it would make it a pariah. Optus’ data breach has created, and will continue to create, a significant divide between telco marketing and customer expectations, which will likely hinder Optus’ ability to retain the stronghold it once had on its customers.