Australia’s Telstra hit by data breach, two weeks after attack on Optus

SYDNEY – Australia’s largest telecoms firm Telstra Corp Ltd said on Tuesday it had suffered what it called a small data breach, a disclosure that comes two weeks after its main rival Optus was left reeling by a massive cyberattack.

Telstra, which has 18.8 million customer accounts equivalent to three-quarters of Australia’s population, said an intrusion of a third-party organization exposed some employee data dating back to 2017.

According to local media, a Telstra internal staff email put the number of affected current and former employees at 30,000.

The data that was taken was “very basic in nature”, limited to names and email addresses, a company spokesperson said in a statement.

“We believe it’s been made available now in an attempt to profit from the Optus breach,” the spokesperson also said without elaborating.

Telstra did not comment on the number of people affected or when the breach occurred, but said it affected current and former staff only.

Australia’s telecommunications, financial and government sectors have been on high alert since Optus disclosed on Sept. 22 that a breach of its systems that may have compromised up to 10 million people’s accounts. The data exposed included home addresses, drivers’ licenses and passport numbers.

Optus owner Singapore Telecommunications Ltd has said it was assessing the potential cost of the attack, while law firms contemplate class action suits.

The Australian government, which believes the breach was due to a basic security gap, has continued to slam Optus for describing the attack as sophisticated and for delays in updating affected customers.

“Optus senior management are kidding themselves if they want a medal for the way that they’ve been communicating,” Government Services Minister Bill Shorten told reporters on Tuesday.

“Not even a crocodile’s going to swallow that.”

An Optus spokesperson declined to comment on Shorten’s remarks, but said the company was working as quickly as possible to provide accurate updates to impacted customers.

Read more...