September 29, 2022
ANTHONY Albanese has declared Optus should be made to pay for new personal documents after the sensitive details of almost 10 million customers were stolen in a data breach.
The Prime Minister told parliament on Wednesday that the hack had caused millions of Australians "stress and worry", while lashing the Coalition for calling on the government to cover the costs of issuing passports.
"That's not our approach,we believe that Optus should pay, not taxpayers," he said.
"When customers hand over their data to companies in Australia they expect that it will be kept safe and this kind of data breach should be an absolute wake-up call to corporate Australia."
Mr Albanese said Foreign Minister Penny Wong had written to the telco's chief executive about the matter.
Taking up the issue in parliament, Mr Albanese said the opposition had failed to legislate tougher privacy laws during almost a decade in power.
"That is a big difference between us and those opposite somehow attempting to play politics," he said.
The Prime Minister revealed he had been briefed by cyber security agency, the Australian Signals Directorate, on Friday and spoken with the Optus CEO on Saturday.
Meanwhile, Australia's banks and financial regulators have met to discuss how they can help protect the customers whose sensitive details were stolen in the data breach.
Treasurer Jim Chalmers said the government had been "working around the clock" and he had brought together Treasury, the banks and regulators to address privacy and data retention concerns.
"We'll do our best to resolve these issues as soon as we can as part of a suite of broader efforts," he said.
"We want to ... make sure that if there's more that can be done by financial institutions to monitor risks and protect consumers, then that should be done."
Opposition Leader Peter Dutton said affected customers shouldn't be out of pocket, and called for the government to waive fees, or pay for them and seek to be reimbursed from Optus.
Mr Dutton said on Wednesday that the Coalition was open to legislation that would impose fines on telcos for similar breaches in the future.
Health Minister Mark Butler said it was "deeply unfortunate" that the government was only notified Medicare details were included in the breach in the past 24 hours.
The government is being urged by the Coalition to waive the fees for new passports needing to be issued following the breach.
In a joint statement, opposition cyber security spokesman James Paterson and opposition health spokeswoman Anne Ruston said Mr Butler should provide advice on "what direction he has provided his department to actively protect the confidential personal Medicare numbers".
Assistant Treasurer Stephen Jones said passports had multiple layers of security and were still safe to use.
"Any costs associated with replacing documents, frankly ... it shouldn't be the Commonwealth government or any other government that is bearing the cost of what is at its heart... a stuff-up by Optus," he told reporters.
Meanwhile, the FBI is joining the Australian Federal Police in probing the alarming incident. Attorney-General Mark Dreyfus revealed the international co-operation as the group behind the breach scrapped its ransom demand and claimed to have deleted the 11 million customer records it swiped from the telco's website.
The attempt to force Optus to pay $US1 million ($1.54 million) by Friday was dropped hours after the group released a batch of 10,000 Australian customers' sensitive details on a data breach forum on the clear web.
The illegally obtained information includes passport, Medicare and driver's licence numbers, dates of birth, home addresses and information about whether a person is renting or living with parents.
Several state governments have struck agreements with Optus to protect customers whose driver's licences were compromised.
In Victoria and NSW, people can get replacement cards and Optus will cover the costs.
Optus says it has sent emails or SMS messages to customers whose details were compromised and apologised for the concern it has caused.
But it insists payment details and account passwords were not compromised.
The privacy commissioner has urged Optus customers to be vigilant and not click on any links intext messages.
