Did hacked-Optus deploy its global cybersecurity giant to protect its Australian customers?

AUSTRALIA — Investigative news outlet Klaxon has raised questions about whether Optus, the second-largest wireless carrier in Australia, used Trustwave, its own global cybersecurity giant, to protect its customers in the wake of one of the biggest data breaches in the country.

Optus had earlier disclosed on 22 Sept that it had been a victim of a cyber attack and that it immediately shut down the attack upon discovery.

“We are devastated to discover that we have been subject to a cyberattack that has resulted in the disclosure of our customers’ personal information to someone who shouldn’t see it,” said Kelly Bayer Rosmarin, Optus CEO, in a release by Singtel.

Singtel, a Singapore government-controlled telecommunications conglomerate, had acquired 100% of Optus’ shares through its Australian subsidiary back in 2001. It is said that Optus had 10.5 million subscribers as of 2019.

“As soon as we knew, we took action to block the attack and began an immediate investigation. While not everyone may be affected and our investigation is not yet complete, we want all of our customers to be aware of what has happened as soon as possible so that they can increase their vigilance. We are very sorry and understand customers will be concerned. Please be assured that we are working hard, and engaging with all the relevant authorities and organisations, to help safeguard our customers as much as possible.”

Subsequently, in another release by Singtel on 3 Oct, Optus revealed that approximately 1.2 million customers have had at least one number from a current and valid form of identification, and personal information, compromised.

This finding came after extensive ongoing engagement with more than 20 Federal, State and Territory government agencies and departments in Australia. The company said that it has communicated with these customers and recommended that they take action to change their identification documents.

In addition, approximately 900,000 customers have had numbers relating to expired IDs compromised, along with personal information.

The breach has since been widely reported by international news outlets amid harsh criticism from Australian politicians, and questions have been asked in Australia as to whether the amount of private information companies hold on citizens should be limited.

Global cybersecurity company owned by Singtel and its rumored sale offer

Klaxon noted that US-based cybersecurity company Trustwave was bought by Singtel seven years ago for US$810 million, and that Singtel established Trustwave as “the global security arm of the group”.

Trustwave offers the following services:

  • Threat management
    Prevention of external and internal threats through a combination of intelligence, detection, protection and remediation services
  • Vulnerability management
    Proactive scanning, testing and remediation of database, network and application vulnerabilities to protect internal assets
  • Compliance management
    Multi-compliance frameworks that help businesses to identify and deploy security best practices

On its website, Trustwave says it has a “global team of security professionals” comprised of “2,000-plus security-minded employees worldwide” who are “solely dedicated to protecting businesses” including “5,000-plus enterprise managed security services clients”.

Its “elite cybersecurity expertise” is “found nowhere else in the industry”, Trustwave says.

It provides the “largest breadth and depth of managed security services available from a single provider anywhere” and is “one of the most experienced, fastest growing MSSPs (managed security service provider) in the world”.

However, the report then cited Australia’s Cyber Security and Home Affairs Minister Clare O’Neil saying the “unprecedented” breach was a “simple hack”.

“What is of concern for us is how what is quite a basic hack was undertaken on Optus,” O’Neil told ABC’s 7.30 on 26 September. “We should not have a telecommunications provider in this country which has effectively left the window open for data of this nature to be stolen”.

The report pointed out that while Optus CEO Kelly Bayer Rosmarin said the breach “should not have happened”, she had claimed – repeatedly and consistently – that it was a “sophisticated” breach, directly opposing the findings of the Australian Government and its intelligence and cybersecurity agencies.

The Klaxon noted that it has been unable to find any IT or cybersecurity experts who back Bayer Rosmarin’s version of events.

It further highlighted in its report that it had sought a response from Optus on 28 September on the matter, and that the response it received was that the company would not comment on the details of the attack, in order to protect its customers.

Whether Optus was “using Trustwave, or not using Trustwave to its full extent”, said the report, will likely bolster the case for a class action, which some experts say would already “easily be Australia’s biggest” and could cost the telco “billions”.

Adding to the intrigue, Bloomberg has reported that Singtel was seeking to sell Trustwave for “between US$200m and US$300m”, a sum far lower than what it had purchased it for seven years ago.

For a detailed write-up on the connections between Optus and Trustwave, visit https://theklaxon.com.au/optus-runs-global-cybersecurity-arm/
