By Alice Uribe
SYDNEY--Optus has hired external consultants to undertake an independent review of a massive data breach that exposed the personal information of nearly 10 million customers.
Optus, one of Australia's largest telecommunications companies and a unit of Singapore Telecommunications Ltd., said Monday that it has engaged Deloitte to perform a forensic assessment of the cyberattack and the circumstances surrounding it. The consultant will also review the company's security systems, controls and processes.
The cyberattack exposed personal information of 9.8 million customers dating back to 2017, including names, dates of birth, phone numbers and passport numbers, the company said earlier.
"This review will help ensure we understand how it occurred and how we can prevent it from occurring again. It will help inform the response to the incident for Optus," said Optus Chief Executive Kelly Bayer Rosmarin, who recommended that the review take place.
"This may also help others in the private and public sector where sensitive data is held and risk of cyberattack exists."
Optus said the review was supported unanimously by the Singtel board, which has been closely monitoring the situation since the incident came to light late last month.
"Deloitte's global specialists will work with the Singtel and Optus teams and other international cyber experts. Optus will continue also to engage with relevant stakeholders," Optus said.
Optus on Friday agreed to pay for replacement passports for those affected by the data breach after Australian officials demanded that the company meet the costs.
Write to Alice Uribe at firstname.lastname@example.org