Last Thursday afternoon, on a bank holiday declared to mourn the death of Queen Elizabeth II, I received an advance warning from technology editor Nicholas Bonyhady about a breaking story that had Optus being hacked.
We usually have two press conferences a day, morning and afternoon, to discuss the day’s most important stories. But when a major news event happens, reporters or topic editors will send you a Slack message, call you, or walk over to your desk if they’re in the office.
Given the number of people involved, it was pretty obvious that this was going to be a big story. When we have a live blog we usually post the latest news there first as it is the quickest way to get information to you. Our digital editors either post a notification to the blog or read the draft of a separate standalone story as it’s being written and consider sending out notifications to let subscribers know what’s happening. We also quickly notify our print editors of large stories so they can reorganize the print pages for the next day’s newspaper to make room.
At 2:36 p.m. Thursday, we published an article titled “One of the Most Serious Cyber Attacks”: Customer Data Exposed at Optus Hack.
The Optus story unfolded quickly over the next few days. On Saturday I got a call from Sun Herald Editor Melissa Stevens. Bonyhady had uncovered information on a hacking forum where someone claimed to have offered the stolen data for sale, giving Optus a week to pay a ransom or the information would be offered to other criminals. Our first question in this situation is how serious does the information appear? In this situation, we took a number of steps to verify the claims and called some of the unfortunate individuals whose details had been made public. That let us know it was real data but left the question unanswered as to whether this was the real hacker or someone who might have accessed previously leaked information and wanted publicity. Of course, we reached out to Optus for comment. When we found out that the matter was under formal investigation by the police, we felt confident that we could publish a story and went live: Optu’s $1M ransom threat investigated.
There’s a fine line between what we should and shouldn’t publish, which usually involves discussions between reporters, a number of senior editors and our legal team. With so many Australians’ data at risk in this case, we feel a responsibility to let everyone know what is happening, but we don’t want to sound the alarm unnecessarily or publish anything that may be a scam. These are tough calls and are not taken lightly.
Over the week, the hacking story has evolved, shifting from a technology story to a political issue, with news that the federal government will overhaul the country’s cybersecurity and privacy laws as the Optus hack exposed how metadata laws are used to enable telecom companies to bank huge amounts of personal customer data.
Optus clearly has questions to answer here about how they store data and how secure their systems were, with widely differing views on the sophistication of the attack, launched by embattled Optus CEO Kelly Bayer Rosemary and German Cybersecurity Minister Clare O’Neil. is presented. But the broader issue of our metadata and how it is used has been uncovered and has become the increased focus of this coverage. This crisis still has a long way to go.
https://www.smh.com.au/national/nsw/optus-hack-exposes-metadata-fault-lines-and-privacy-concerns-20220930-p5bm8j.html?ref=rss&utm_medium=rss&utm_source=rss_national_nsw Optus hack exposes metadata error lines