Giant Data Hack in Australia Risks Eating Into SingTel’s Profit

tech.hindustantimes.com:

The cost for Singapore Telecommunications Ltd. to make good customers exposed to one of Australia's worst data breaches risks wiping out more than one-quarter of its annual profit.

Optus, SingTel's Australian mobile-phone business, last week revealed hackers accessed the personal information of as many as 9.8 million customers -- over one-third of the population. Some 2.8 million of them lost details of passports, drivers licenses or government-issued medical identity cards, triggering concerns about large-scale identity fraud, according to the government.

One week after the hack was disclosed, the scale and the fallout -- as well as the potential costs for Optus -- are growing.

Prime Minister Anthony Albanese said the company should pay for replacement passports, while Australia's biggest states said Optus would pick up the tab for new driving permits. The government also plans to tighten cybersecurity legislation because of the breach.

Cyberattacks have become more common worldwide, exposing at least 11.43 billion customer records at several hundred entities in the space of more than a decade. Australian police are working with the US Federal Bureau of Investigation on the Optus hack. Home Affairs and Cyber Security Minister Clare O'Neil on Wednesday described the attack as “a big wakeup call” for corporate Australia.

The average cost incurred by a hacked company for each customer record lost is $150 to $200, said Ajay Unni, chief executive officer and founder of cybersecurity consultancy StickmanCyber. That includes compensation, legal bills and the cost of public relations campaigns. “Some organizations end up spending double that,” he said.

Applied only to the 2.8 million worst-affected Optus customers, that would equate