Optus customers exasperated by chatbots and ‘rubbish’ communication after data breach

Some customers look to switch providers after puzzling responses and ‘less than helpful’ service

Optus customers say they are growing increasingly angry and frustrated at the poor communication from their mobile provider over the massive customer data breach that left millions vulnerable to identity fraud.

In the four days since Optus first reported that up to 10 million customers had personal information taken in a data breach, customers have been left scratching their heads over how Optus has communicated with them.

“I have contacted them several times and they could not confirm if my data was part of the attack or not,” one customer said on Monday. “Speaking with them this afternoon, my account is flagged as being compromised. Yet still nothing.”

Another customer who had been with the telco for more than five years said they had already looked to switch providers.

“I attempted to call over the long weekend but couldn’t get through. I spoke to a rep over the chat app yesterday,” Lex said.

“Their chatbot couldn’t understand what I was asking about, which didn’t help things. Once I got through to a rep, they didn’t offer much help.”

Sarah, another customer, said: “The comms have been absolute rubbish and the responses I’ve seen to the online chats less than helpful.”

Others have reported issues with Optus’ chat application, with staff on the other end initially denying the data breach and then offering limited and unhelpful advice.

A chat message said: “While reviewing the account we can see flash notes on the account and we are suspecting that your accounts has been the victim of cyber-attack but I would say nothing to worry about anything here because the moment we get to know that there has been cyberattack … we immediately took action to block the attack.”

One customer, who had been with Optus for more than 10 years told Guardian Australia he didn’t receive an email about the breach until Saturday – two days after it was announced.

“Most of the communications about the breach are being done through the media first,” he said. “It’s not giving me any faith that the company will actually improve their security since it’s all seen through a PR/reputation-fixing lens.”

Others said they were still waiting to hear from Optus.

Optus has said it went to media first to report the breach in order to reach as many people as possible.

Another customer said they were charged increased plan fees the day after Optus revealed the breach

“Ultimately, we are sitting ducks for identity theft, and given that we can’t change our dates of birth, address or names, there isn’t much we can do about it, which is incredibly frustrating,” they said.

In its media response to the breach, Optus first hosted an online call on Friday with the company’s CEO, Kelly Bayer Rosmarin, with questions entered into chat by journalists and read out by Optus staff.

The Australian federal police is investigating after the data was allegedly put up for sale online. On Saturday morning a post appeared on a data market from a user claiming to be in possession of the information obtained from the breach with a demand for $1m in Monero cryptocurrency.

On Monday, Optus put forward its head of corporate affairs, Sally Oelerich, on 2GB radio for an interview with host Chris Smith. The frustrated executive said she too was a victim of the breach, while refusing to go into any detail about how it occurred.

The interview came amid reports the breach was not a sophisticated cyber-attack as claimed but the result of an error that made the data available online.

Smith asked Oelerich if she thought the hacker was “legitimate” and Oelerich replied: “To me? Personally? Or me at Optus?”

She continued: “As someone who’s actually been compromised as well, I’m actually trying to do everything I’ve been advised to protect customers and that includes following advice from the Australian federal police.”

Earlier on Monday Optus would not say whether it would offer free credit monitoring services to customers to ensure any suspicious activity in their name was quickly picked up.

After the home affairs minister, Clare O’Neil, publicly called on Optus to offer the service during parliamentary question time, Optus announced that the “most affected” current and former customers would get access to a 12-month subscription to credit monitoring by Equifax Protect.

O’Neil said the incident was of a scale that Australians should not expect to see from a large telecommunications provider and that reform was needed, noting that such a breach in other jurisdictions would result in fines worth hundreds of millions of dollars.

Optus customers had their names, addresses, phone numbers, email addresses, dates of birth and ID numbers compromised in the breach.


Josh Taylor

The GuardianTramp

Related Content

Article image
Optus data security breach: what should I do to protect myself?
Experts say while ‘there’s no need to panic’, there are steps you can take to ensure you’re not exposed to scams or identity theft

Natasha May

26, Sep, 2022 @6:44 AM

Article image
Optus tells former Virgin Mobile and Gomo customers they could also be part of data breach
Identification repair service receives a month’s worth of complaint calls in three days as government pressures telco to pay for replacement ID documents

Josh Taylor

29, Sep, 2022 @5:32 AM

Article image
Optus data breach: Australians will be able to change their driver’s licence with telco to pay
Federal opposition wants commonwealth to allow people to get new passports for free too – and quickly

Natasha May

27, Sep, 2022 @10:27 AM

Article image
Optus faces potential class action and pledges free credit monitoring to data-breach customers
Home affairs minister Clare O’Neil says company to blame and flags new laws with large fines for such breaches

Josh Taylor

26, Sep, 2022 @6:27 AM

Article image
Purported Optus hacker releases 10,000 records including email addresses from defence and prime minister’s office
Optus CEO says federal police are ‘all over’ post with ultimatum demanding $1m within four days after massive data breach

Natasha May and Josh Taylor

27, Sep, 2022 @1:32 AM

Article image
Anthony Albanese says ‘Optus should pay’ for new passports for data breach victims
Push comes day after states suggest telco will pick up multi-million dollar tab for replacing driver’s licences of affected customers

Josh Butler and Ben Butler

28, Sep, 2022 @9:57 AM

Article image
Optus data breach: who is affected, what has been taken and what should you do?
After a malicious cyber-attack, customers of Australia’s second-largest telco are advised they could be at risk of identity theft

Ben Doherty

22, Sep, 2022 @8:31 AM

Article image
Optus cyber-attack could involve customers dating back to 2017
CEO says company has not yet confirmed how many people were affected by hack, but 9.8 million was ‘worst case scenario’

Josh Taylor

23, Sep, 2022 @3:04 AM

Article image
Optus cyber-attack: how do you know if your identity has been stolen and what will happen to your data?
If you are an Optus customer, this is what you need to know

Josh Taylor

23, Sep, 2022 @8:00 PM

Article image
Government flags new cybersecurity laws and increase in fines after Optus breach
Clare O’Neil says penalties for telcos are ‘totally inappropriate’ and data breach was ‘significant error’

Sarah Martin and Paul Karp

26, Sep, 2022 @5:30 PM