Optus’ CEO did not respond to questions about the data breach, which affected 11 million customers

An Optus executive was left red-faced after claiming on live radio that every customer affected by Australia’s biggest cyber attack had been notified – only for a victim to ring up and claim she hadn’t been told.

An estimated 11.2 million personal addresses, dates of birth, phone numbers, passport details and driving licenses of Optus customers may have been compromised in last week’s data breach.

A mysterious hacker claiming to be behind the breach has since demanded that Optus hand over $1.5 million in ransom money in the form of Monero cryptocurrency or they will release the data.

On Monday, Sally Olerich – the telco’s director of corporate affairs for regulatory and public affairs – dialed the 2GB Breakfast program and said: “For customers whose data has been compromised due to this attack, we have now informed them.”

But then customer Casey Robinson called to report that her husband’s account had been hacked and personal information such as his phone number had been compromised back on September 12.

When Mr Smith asked if the telco had contacted Ms Robinson, she said they had contacted Optus themselves.

“You haven’t been informed by Optus what to do with your accounts?” the radio host said.

“Not a single email at all,” Ms. Robinson replied.

Mr. Smith then put the question to Ms. Olerich.

“You said you contacted everyone who you thought had their data compromised?” he said.

Ms. Oelerich replied, “As a result of this attack.”

“You’re saying Casey’s script doesn’t fit the circumstances!?” Mr. Smith shot back.

Ms Olerich then stumbled before apologizing to Ms Robinson for her husband’s data breach.

“It’s not something I would wish on my worst enemy,” she said.

At the time, the executive said all Optus customers who had been affected by the breach had been contacted by the telco, before Mr Smith indicated that was not the case.

“I don’t believe, well, I don’t know the personal circumstances of Casey or her partner,” she said, before demanding details from Ms Robinson and promising to follow up on her matter personally.

Earlier in the botched interview, Ms Olerich said she herself had been a victim of the cyber attack and her driver’s license number had been compromised.

She dodged several questions about the claims of the hackers who claimed to be behind the attack, instead telling Mr Smith that the matter was being investigated.

She added that the alleged hackers had not contacted Optus directly and could not “confirm if this is even legitimate”.

Tech experts believe the hacker’s claims are legitimate, but Ms. Olerich did not say whether she thought it was genuine, saying she was doing everything she was advised to “protect customers.”

On Saturday morning, the ransom demand appeared on an online forum, with the hackers warning the telco it had a week to respond.

‘Optus if you’re reading! the cost to us to not sell data is $1,000,000 US. We give you 1 week to decide,” reads part of the message.

The warning comes as Optus customers took to social media to express their frustration, with some claiming it took three days for Optus to get in touch with them personally.

On Friday morning, CEO Kelly Bayer Rosmarin issued an emotional apology to the millions of Optus customers whose data was compromised.

She confirmed that the account’s payment details and passwords were secure, but admitted she felt “terrible” that the breach happened on her watch.

“I think it’s a mix of a lot of different emotions,” she said, looking downcast.

“Obviously I’m angry that there are people who want to do this to our customers, I’m disappointed that we couldn’t prevent it.

“I am very sorry and apologize. It shouldn’t have happened.