Honestly you couldn’t script this shit if you tried. Optus CEO Kelly Bayer Rosmarin continues to live in a bubble protected by people who just can’t admit to her that the company made vast mistakes in their handling of the data breach late last year.
Ms Bayer Rosmarin was speaking at the AFR Business Summit where she told those gathered that “there’s a lot of lessons in all of this for all stakeholders and media should be included in that” according to the AFR.
Her attack on the media was clear, Ms Bayer Rosmarin saying “For me, it made it very clear that the media wasn’t always focused on what they should have been, which was accurate, good reporting, that actually was helping the public make sense of and respond appropriately to this incident. The fact that some of them were focused on where I happened to be on a particular day or the name of my dog – that’s really not newsworthy.”
I agree, no one cares about the name of your dog. But let’s be clear, the CEO of Australia’s second biggest Telco, having just suffered the biggest data breach in Australian history, was at home. Day after day. Around 10 days it is reported Bayer Rosmarin stayed at home following the incident.
This followed her return to Australia, having learned about the Incident while in the USA on business. So, instead of spending countless hours at the Optus campus, in a war room, rallying her staff, talking directly to customers, managing the situation first hand – the CEO was at home, dialled in on Microsoft Teams we assume.
When asked about reflections and learnings from the incident, it’s reported Ms Bayer Rosmarin talked about better communicating the actual extent of the work required to unpack the incident and work out what was accessed and what was lost.
She also spoke of the customer impact, saying “And more importantly, not a single customer has suffered any financial loss or fallen victim to a crime through misuse of this data,” she said.
Um. What? Sure no customer may have been directly hacked, or had their identity stolen that we know of right now, but how many spent hours on the phone or in queues getting their passports changed or drivers licences updated. That’s an impact, that’s a financial loss if you consider the value of time and the work that might have been forgone.
Worst of all, There was no mention by the Optus CEO of their learnings from a customer care point of view. There was a lot of talk of the detail of their messaging, the millions of messages sent, but all of this fails to accept that what people wanted most was just to hear from Optus.
- Optus did NOT send a blanket email to all customers at the time of the attack.
- Optus did NOT send a blanket SMS to all customers at the time of the attack.
- It took weeks, many weeks in some cases for some customers to hear ANYTHING from Optus
- Optus did NOT (and still has not) contact directly, and individually the 10,200 customers whose personal data was published online during the hack.
And it’s that final point that is the most impactful. Despite EFTM directly representing the concerns of a single one of those 10,200 customers – that customer was never contacted by Optus to express their sorrow over the attack, or offer any direct support.
It’s a disgraceful example of customer service, customer care and basic decency.
How many customers did Kelly Bayer Rosmarin call personally in the 10 days she was at home, let alone the month following the event? We haven’t heard from any of them – did she call any?
That the CEO was happy to say this “the media wasn’t always focused on what they should have been, which was accurate, good reporting, that actually was helping the public make sense of and respond appropriately to this incident” shows her complete and utter lack of understanding of what the Media needs in these instances.
Personally, as someone who spoke on more radio and TV interviews about the Optus data attack than anyone else in the country, the fact their media team chose not to respond to requests for information, or to offer useless vague statements in response says more about their handling of the situation and the problems the media faced during this attack than anything else. At no point did anyone from Optus pick up the phone to talk with me about their issues, what they were doing and frankly how better I could be communicating the issues to their customers. Not once.
It was one full month after the attack before Optus attempted to question me on the way my coverage “seems to miss a few important points” – um – the horse had bolted by then. And even then, their biggest gripe was that I had called for the CEO to resign.
The more this goes on, the more I believe that Kelly Bayer Rosmarin is not fit to be the CEO of Optus, either that or she needs to get rid of every single advisor around her and get some people in who are going to tell her the truth about how things are and were handled and how they need to be done better.