Despite a Federal Court decision that it cannot keep a report by Deloitte into a 2022 cyberattack secret, Singtel Optus appears to be unwilling to commit to publicly releasing the same.
Last September, Optus said it would not be releasing the report but that was before Slater & Gordon sought access and brought the Federal Court into the picture.
The law firm will now be allowed to obtain information from the report to bolster its case after the Federal Court turned down an Optus appeal to keep the report secret.
“Despite refusing to accept the umpire’s decision, Optus must now hand over the Deloitte report into how millions of its customers’ private information was accessed as a consequence of the 2022 data breach,” Slater and Gordon’s class actions practice group leader, Ben Hardwick, said on Monday.
{loadposition sam08}“Optus’ efforts to shield this report is indicative of a company that refuses to accept responsibility for its role in what happened, and the significant impact this data breach has had on millions of its Australian customers."
When iTWire contacted Optus on Tuesday to ask whether it would now make the Deloitte report available to the public, a spokesperson responded: "We respect the Court’s decision and are considering our position.
"Our priority is ensuring our customers have ongoing confidence in the integrity of our cyber defence systems.
"In this regard, Optus will consider our next steps which may include seeking confidentiality orders relating to elements of the report that we believe are key to the ongoing protection of our customer data and our systems from cyber criminals."
The cyber attack, which resulted in a massive leak of data, came to light on 22 September 2022.
Customer names, dates of birth, phone numbers, email addresses, and, for a subset of customers, addresses, ID document numbers such as driver's licence or passport numbers were revealed.
Optus claimed at the time that payment details and account passwords had not been compromised.