Optus appeals judgment in battle to keep Deloitte report secret

Optus appeals judgment in battle to keep Deloitte report secret


Class actions practice group leader Ben Hardwick said it was disappointing that Optus appeared to be refusing to accept “the umpire’s decision”.

“Our clients who were impacted by this data breach just want this case to move forward and Optus is putting up another roadblock to their path to justice,” Mr Hardwick said.

Former Optus chief executive Kelly Bayer Rosmarin, who resigned on November 20, told a Senate inquiry on November 17 that the Deloitte report was “highly sensitive” because it contained a forensic investigation into the company’s cyber defences.

“The contents could be so sensitive that they expose us to national security concerns,” Ms Bayer Rosmarin said.

An Optus spokeswoman said the type of information contained in the Deloitte report “could potentially assist a criminal and should not be shared more widely than is absolutely necessary”.

But a court order has stipulated that Slater & Gordon would only receive the Deloitte report after agreeing to confidentiality and information security arrangements.

In its written response to questions on notice from senators following the November 17 committee hearing, Optus said it experiences an average of 17 million cyberattacks every day.

The Optus appeal comes as the federal government releases the details of a review into the November 8 communications outage.

Confident failure won’t happen again

The review, which will not hold public hearings but will take written submissions, will be led by Richard Bean, a former deputy chairman of the Australian Communications and Media Authority (ACMA.)

It will examine why some people could not call triple zero during the national outage and how the government and telecommunications industry should respond to future outages.

It will also review the adequacy of compensation and communications processes and report to government by February 29. ACMA is separately reviewing whether Optus complied with regulations that require it to keep emergency calls available.

In its response to questions on notice from senators seeking more details on the outage, Optus said it was “fully confident that this type of failure cannot occur again”.

“The cause of the outage was that Optus’ Cisco routers hit a fail-safe mechanism which meant that each one of them independently shut down,” the company said. “There is no evidence to suggest influence by any foreign actor or sabotage.”

Optus’ answers to questions included a statement that it was working with other mobile network operators to assess the viability of temporary disaster roaming in any future outages.

“If a roaming solution was in place, it would have likely resulted in other mobile networks being unable to accommodate the extra traffic given the number of users trying to roam,” the company said.

“If the capacity issue could have been addressed, roaming would likely not have worked as the Optus core network was down and Optus subscribers would not have been able to be authenticated for roaming.”

Optus said it was paying financial compensation to some customers using both cash and account credits, but did not define the split.

Ms Bayer Rosmarin said on November 17 that Optus had paid $36,000 of the $430,000 in claims it had received.



Source link