Optus did the right thing by quickly announcing the hack and it has also offered affected customers a 12-month free subscription to a credit monitoring and identity protection service.
Health Minister Mark Butler, however, has complained that Optus was slow in informing him of the theft of Medicare data.
Federal and state governments also have questions to answer over the glitches in their response to the highly predictable demand for new driver’s licences and Medicare cards to replace those that have been compromised. In some cases in NSW, replacement cards have been issued with the same numbers, which means people are still vulnerable.
Some customers have been told they cannot ask for a replacement card unless they can prove they have been victims of fraud.
Optus has promised to pay for replacement cards and NSW is now scrambling to cut the red tape around replacement documents but, meanwhile, customers have been given the runaround.
This only heightens anxiety at a time when people know they are vulnerable. This week, someone posted details on a website of 10,000 accounts which they said were a sample of the data stolen from Optus. The self-styled hacker demanded a $1 million ransom in cyber currency or else they said they would sell the data. It is not clear if the threat was real but it set nerves jangling.
The federal government is now promising a major policy response to the hacking which will likely increase fines for companies found to have been negligent in data storage. It should also look at the data retention rules and give consumers more rights to act against firms that fail to protect data.
In a fluid digital world, governments and firms cannot prevent data theft completely – but they should be doing much more to stop cyberattacks in the first place and smooth the process if people have their information stolen.
Bevan Shields sends an exclusive newsletter to subscribers each week. Sign up to receive his Note from the Editor.
Originally published at Sydney News HQ
No comments:
Post a Comment