It has been revealed former NSW Premier Gladys Berejiklian played a vital role in the response to the Optus hack as CEO Kelly Bayer Rosmarin explained exactly what was happening behind the scenes at the telco giant.
It was just another day in September when Ms. Bayer Rosmarin received the news that Optus had been hit by a company-wide cyber-hack while waiting at an airport in the United States with Ms. Berejiklian, Optus’ general manager for enterprise and business.
The pair were ready to board a Qantas flight home when Ms Bayer Rosmarin received a call about suspicious activity on Optus’ IT networks and was told the telco giant was facing a major crisis.
Both were ready for a 15 hour long haul flight home and the lack of Wi-Fi from Qantas meant they could both be unreachable for the entire flight, so Ms Bayer Rosmarin made the decision to stay in the US while Ms Berejiklian, responsible for relations with the Optus government and media, went home.
Former NSW Prime Minister Gladys Berejiklian (left)’s role in the Optus hack has been revealed as CEO Kelly Bayer Rosmarin (top right) describes how she handled the controversy
Kelly Bayer Rosmarin (pictured) was made aware of the hack while waiting at a United States airport with Ms. Berejiklian. She remained in the US to coordinate a response, while the former prime minister returned to Australia to lead the media response
“I immediately wanted to know when we would get clarity on how big this was and what actually happened, and I was told, ‘Well, it could take a very long time,’” Ms Bayer Rosmarin told the Australian Financial Review.
After multiple calls and meetings, Optus discovered that the hacker had accessed between 2.5 million and 9.7 million records from current and former customers.
This included customers’ driver’s license numbers, passport numbers, and Medicare information, which ultimately meant they were now at risk of fraud.
Ms Bayer Rosmarin told the publication hours after the first frantic phone call was made on board a late night flight to Australia after being assured she had access to in-flight Wi-Fi.
Meanwhile, in Sydney, Ms Berejiklian coordinated a media response and drafted an action plan.
By then, Optus had managed to detect the hacker in their system and shut them out.
The telco then identified that the biggest risk to their customers was a phishing attack and took steps to prevent it.
“We have a lot of technology and cyber savvy on our executive team and we understood that the best defense against a hacker – when it comes to protecting customers – is to create an environment where they can’t take advantage of the data. said Mrs. Bayer Rosmarin.
Optus came to a decision around 2pm on Thursday 22 September to announce the cyberattack, but Ms Bayer Rosmarin said that 20 minutes before the telecom giant released their statement, someone had leaked the information to a journalist who was already having a media whirlwind causes
Optus came to the decision to announce the cyberattack on Thursday, September 22 around 2 p.m.
The move would create a space that the hacker could not take advantage of and would allow the company to warn customers to be alert to phishing attacks.
Ms Bayer Rosmarin said she called multiple telecommunications CEOs and the four major banks to bring potential scams to their attention before issuing their media warning.
But Ms Bayer Rosmarin said 20 minutes before the telecom giant released their statement, someone leaked the information to a journalist, sparking a media frenzy.
As media questions poured in, Ms Berejiklian took matters into her own hands, with an insider saying she could predict “exactly” what the media wanted to know and how the media cycle would evolve.
The insider even went so far as to say that the former NSW premier knew what questions journalists would ask and how media outlets would keep the story current.
She was faced with a tough task, however, when Optus announced the news on a public holiday and found herself in the middle of Australia’s first large-scale cyber-attack.
Questions poured in about who the hackers were, whether the perpetrators were from Russia or China, what data was stolen and how such a thing could happen, with Ms. Berejiklian leading the company’s response.
Ms Berejiklian found herself calling up contacts gained during her time as NSW prime minister to quickly track down new identification documents, such as driver’s licenses, from customers affected by the hack.
As media inquiries rolled in, Ms Berejiklian took control, with an insider saying she could predict exactly what the media wanted to know and how the media cycle would continue to evolve
While the former Prime Minister pulled the strings behind the scenes, Ms Bayer Rosmarin decided she should be the face of the crisis response.
She would be the one facing the media, who kicked off a livestreamed media conference on Friday morning to answer questions.
Ms Bayer Rosmarin apologized to customers and admitted that the attack should never have happened.
While Optus worked to rectify the colossal mistake and set everything right, health insurer Medibank then suffered one of the largest data breaches in Australian history.
This attracted a lot of attention from Optus and set off Australia’s cyber awakening, with the government and multiple companies taking hasty action to tighten cybersecurity.
This happened while Optus faced the colossal task of building a new customer database for 10 million customers.
The telco also came under heavy fire from the government for not sharing enough information about the devastating hack, and new laws were introduced to prevent a similar attack from happening at another company.
Under the new laws, companies like Optus would be able to more easily share data with government agencies to prevent cybercrime.
The Optus hack affected nearly 10 million current and past customers, with the hacker gaining access to the customer’s driver’s license, passport, and Medicare information
Communications Minister Michelle Rowland said Optus believed sharing information about the stolen data would violate the Telecommunications Act and so wanted to change the rules.
“Optus took the view of the government that they did not fall under any of these exemptions (to the Act) according to their analysis,” Ms Rowland said.
“We thought it prudent to take appropriate legal advice and consider that the most effective way to ensure that this data can be shared without any doubt was to amend these regulations.
“This regulation specifically responds to these cyberthreats on a scale and scope never seen before in Australia.”
Ms Rowland said the changes are “solely to protect consumers”.
As Optus continued to tighten security and ensure that a similar attack could not happen again, an investigation was launched into how the hack happened.
In December, Cybersecurity Minister Clare O’Neil announced that a review of both the Optus and Medibank data hacks had been ordered.
Rachael Falk, CEO of the Cyber Security Co-operative Research Center, was appointed to lead the review, which is still ongoing.