Gorodenkoff - stock.adobe.com
Optus has earmarked A$140m to cover the costs of managing the aftermath of its massive data breach in September 2022, according to its parent company Singtel.
In announcing the first half earnings in its 2023 fiscal year, Singtel said the provision has been made and recorded as an “exceptional expense” for a programme of customer actions, including an external independent review, third-party credit monitoring services and the replacement of identification documents where needed.
“We know there is much work to be done to regain the trust and confidence of our customers in Australia in the wake of the cyber attack,” said Singtel CEO Yuen Kuan Moon.
“We view this matter very seriously as cyber security and the protection of our customers’ information is of critical importance to the Singtel Group. While the cyber attack has regrettably interrupted Optus’ momentum at the end of the first half, we expect Optus to come back stronger,” Yuen added.
Australia has been seeing larger scale data breaches over the past year. According to the Office of the Australian Information Commissioner, there were 24 data breaches from January to June 2022 that affected 5,000 or more Australians, four of which reportedly affected 100,000 or more Australians. All but one of these 24 breaches were caused by cyber security incidents.
“The number of larger scale breaches caused by cyber security incidents reiterates the importance of entities having measures in place to protect, detect and respond to the range of cyber threats in the environment,” said Australian Information Commissioner and Privacy Commissioner Angelene Falk.
Despite the setback from the data breach, which compromised the personal data of some 10 million customers, Optus’ operating revenue was up 1% as growth across its mobile and fixed businesses had offset the absence of NBN (national broadband network) migration revenue.
Excluding NBN migration revenue, Optus’ operating revenue grew 2.3% while mobile service revenue rose 2%, driven by price increases, mobile customer growth and stronger roaming revenue from the rebound in international travel. Optus’ equipment sales also grew from more sales of high-end devices.
Still, Singtel said rapid and successive interest rate hikes in Australia, a weaker Australian dollar, and softer consumer and business sentiment due to a slowing economy, have resulted in a write-down of S$1bn on Optus’ goodwill.
However, it noted that this “non-cash impairment” does not affect its cashflow or its ability to pay dividends, nor does it impact Optus’ operational performance.
Singtel’s first half net profit rose 23% to S$1.17bn, boosted by a “net exceptional gain” from its partial divestment of its stake in Airtel, its associate in India. Its core telco business saw margin improvements, driven by mobile services that benefited from higher roaming revenue.
Read more about cyber security in Australia
- The massive Optus data breach that could have compromised the personal data of more than 10 million users has once again cast the spotlight on the cyber resilience of organisations in Australia.
- Australian CISOs are under pressure and feel the least prepared globally to deal with the consequences of a cyber attack, study finds.
- Australia is playing to its strengths in niche areas such as governance and deep tech to punch above its weight in the cyber security industry.
- Health insurer Medibank Private recently suffered a major data breach involving the personal and health information of millions of customers, once again casting the spotlight on data security in Australia.