Stressing that the data was encrypted, she rejected Home Affairs Minister Clare O’Neil’s assertion that it was a simple hack that should never have happened.

“I think most customers understand that we are not the villains, and that we have not done anything deliberate to put any of our customers at risk,’’ Ms Bayer Rosmarin said.

“In fact, quite the contrary. We’re doing everything we can to prevent that from happening.

“What I can say, that hopefully should help people understand, is that it’s not as being portrayed. Our data was encrypted and we have multiple layers of protection. So it is not the case of having some sort of completely exposed APIs sitting out there.”

In an interview this morning, the telco CEO said there was a good deal of misinformation about the incident.

Stream more tech news live & on demand with Flash. 25+ news channels in 1 place. New to Flash? Try 1 month free. Offer ends 31 October, 2022 >

“We are putting people on high alert and asking them not to fall for the scams,’’ she said.

“And unfortunately, a lot of the data, the majority of the data that’s been accessed is data that is most likely out there already. So it’s very important as a good reminder to people to be super vigilant and not to fall for scams or click links that are sent to them in emails or SMS.”

Asked if she had considered resigning, she said her sole focus was dealing with the crisis.

“At the moment all we’re focused on is protecting our customers,’’ she said.

“So someone has to be accountable for doing that. And that’s exactly what I’m focused on.”

She conceded Optus didn’t know who or what had hacked the company.

“I wish that we knew who had done this but I can say we’re working very closely with the authorities, both the Australian Centre for cybersecurity and the Australian Federal Police, and we’re working closely and still have the aim of figuring out who did this, finding them, stopping them and retrieving the data,’’ she said.

“We definitely know that this is the work of some bad actors. And really they are the villains in this story. Now of course, we will investigate thoroughly how it could happen.

“What went wrong, how we could have avoided it later on, if something comes out of that that indicates that Optus has made an error or done something bad. We will of course take full accountability for that. But there’s a time and a place for that and we remain focused on doing everything we can to make sure no harm comes to customers as a result of this theft.

“In addition, what’s really important for people to understand is that we have had the Australian Centre for Cyber security, actually scan our perimeter. We have done that with an independent cyber expert as well. And that is because we want to make sure the environment is secure and that we don’t have any high risk open issues of the sort that’s been described in the media.

“We invest heavily in our cyber defences. And we really are doing everything we can to ensure that our environment is secure.”

Asked about the government’s warning that the company would potentially be facing penalties in the “hundreds of millions of dollars” in Europe, the Optus CEO said she did not support a tougher penalty regime in Australia.

“Honestly, I’m not sure what penalties benefit anybody,’’ she said.

The person allegedly behind the cyber attack on Optus has reportedly exposed the data of 10,000 customers in a bid to pressure the telco to give in to their ransom demands.

More Coverage

‘Too many eyes’: Optus hacker’s surprise move

Ally Foster

Aussies rage at three words in Optus email

Ally Foster

Originally published as ‘Not the villains’: Optus CEO Kelly Bayer Rosmarin’s bizarre data hack claim