While Medibank might be stealing the cyber-attack headlines for all the wrong reasons, EFTM can reveal that Optus is still asleep at the wheel when it comes to basic customer care.
I’m going to keep this really simple, but it will be a rant. Optus just doesn’t understand the basic principals of customer care.
Optus was hacked on September 22, less than a week later around 10,200 people’s names, personal details and sometimes identity documents were published online. Those details will have been in the hands and databases of scammers within minutes.
A few days later, I wrote that the company had not made any effort to contact those 10,200 customers.
Fast forward a few weeks and their customer response was still in a shambles, at which time I called for the CEO to resign.
Harsh? Perhaps. But Ms Bayer Rosmarin is paid millions of dollars to lead the business, and the response to their customers falls well short of expectations.
Eleven days ago I met with a senior Optus communications executive to open the communications channels after a very quiet few weeks. They expressed their concerns over my harsh criticism of Ms Bayer Rosmarin. I came to the meeting with 40 printed pages of information.
39 of those pages were the verbose written comments of over 1,300 people expressing in the main very strong views of Optus’ handling of the communication and response to the cyber attack which were gathered during our annual EFTM Mobile Survey.. I felt the company deserved to read them.
But there was one other page. It was a direct extract from the 10,200 lines of data exposed online. The details of 79 year old Ruth.
I contacted Ruth by phone the day her information was exposed online. I was doing to so validate the information, and thus verify the hacker was legit.
I have contacted Ruth 2-3 times since then. One such time was the day before my meeting with Optus. Ruth had still not heard from Optus. I expressed to Optus that this was a massive failure, and that this lady, along with every other one of the 10,200 most affected Optus customers deserves a phone call.
Today, some 50 days after the hack, and probably 45 or more days since her information was published online, I called Ruth again. She’s still not heard from Optus. Not a phone call, not a text message, and certainly no email because the one on record is invalid.
Ruth is fine. She’s aware of the situation, and is being vigilant about emails she receives and wary of anything asking her to click links etc. Ruth was savvy when I first spoke to her, and Ruth has my number should she have any questions.
Why doesn’t Ruth have Kelly Bayer Rosmarin’s phone number? Or another direct account support person and their name at Optus.
Optus has thousands of Employees in Australia, let alone managers. Take the list of 10,200 names and split it up. Make 3-4 calls a day each and you’ll get to them all.
Problem is, the horse has bolted.
Optus’ CEO appears to be willing to chat to broadsheet newspapers covering the financial interests of the company, but hasn’t come close to talking to her customers either directly or via the types of Media that their customers read and listen to. Nope. Not at all.
And for the record, or perhaps more specifically for the Optus executives reading this, Medibank has failed in many ways, but their approach is vastly different. They contacted EVERY customer from the get go, and are now working through the individual customer outreach relating to their personal impact.
For reference, Medibank tell me that “The first 100 customers impacted by this cybercrime (leaked by the hacker) were contacted via phone some weeks ago – and they have a dedicated case manager supporting them. “
Additionally, they say “We wrote to 1,100 customers on Tuesday – people who are aware of their specific data that has been stolen by the criminal – to advise them that the cybercriminal had threatened to release stolen customer data online.”
It’s not rocket science.