Home Business The government has put a blowtorch on Optus, so why did Medibank...

The government has put a blowtorch on Optus, so why did Medibank get the kid gloves?


It took Cyber ​​Security Minister Claire O’Neill five words to cut through the layers of Optus spin. Asked if she believed the company’s claims that it had been the subject of a “sophisticated” hack last month, she said: “Well, it’s not. So, no.”

The answer was bright and direct, which put the telecommunications company on the spot.

Cyber ​​security experts have sharpened their knives themselves. Alastair McGibbon, former head of the Australian government’s Cyber ​​Security Centre, said Optus’ management of the crisis was poor and made the situation worse.

Medibank – the victim of an even worse hack that revealed personal details such as whether someone was struggling with drugs – instead received full medical treatment from Team Australia. O’Neill, a master of strategically deployed invective, compared hackers to “dogs,” the “scum of the earth,” the lowest of the low.

The Opposition has called on Cybersecurity Minister Claire O’Neill (below right) to reveal the information the government had with Medibank under chief executive David Kochkar (above right).credit:Louis Trerise, Louise Kennerly, Arsine Huspian

But she didn’t have a bad word to say about Medibank, despite the company rolling out updates, each one confirming that the hack was worse than the previous update had suggested. What started with Medibank saying there was “no evidence” of access to customer data is now, two weeks later, a crisis covering all 4 million Medibank customers, and possibly close to that number in former members.

One would hope that Medibank would clarify this figure, but in reality it does not know the full extent of the breach. This is the crux of the critics’ complaints: instead of Medibank emphasizing in the early stages what it did not know, it stressed that there was no evidence that the worst had happened. It wasn’t a lie, but it’s a bit like being told the locks on your warehouse are broken and being told everything looks fine without checking the pawn shop on the way.


At first, it seems O’Neill had no more idea of ​​the full scope of the hack than the rest of us. Opposition cyber security spokesman James Patterson used parliament on Wednesday to press for a response from the government suggesting O’Neill first spoke to Medibank in person on or after October 19, seven days after the hack was first discovered, although he informed her office. But even as the full scale became increasingly apparent, with revelations such as the use of a username and password providing “high levels of access” to Medibank’s systems, O’Neill did not attack the company.

“Given the privacy of the data involved, this should have been taken more seriously from the start,” Patterson said in the text. “Once it became clear that credentials had been compromised, there was no excuse.”


Previous articleLabor’s budget motto was ‘all pain, no gain’
Next articleIVF: 23-year-old woman dies of rare disease during treatment