Wikipedia

Wikipedia:Peer review/2022 Optus data breach/archive2

< Wikipedia:Peer review

2022 Optus data breach

edit
Toolbox
Article (edit | visual edit | history) · Article talk (edit | history) · WatchWatch peer review
Previous peer review

I've listed this article for peer review because I would like to nominate it to WP:FAC. I'm pretty sure that all major details relevant to the article are covered, but I'd like to get it checked over for anything that may be missing before nominating it, or any gaps that may disqualify it. Copyediting-related suggestions aren't necessary; I'll take it to WP:GOCE before nominating it.

Thanks, JML1148 (talk | contribs) 01:17, 4 October 2023 (UTC)[reply]

I reviewed the article and thought it was well written, sourced with reliable sources and appears ready for publication to WP:FAC. The one question I had after reading the article is whether the goverment paid the ransom as the request for money was taken down and the suspect who was prosecuted does not seem to be the one who instigated the data breach. Jurisdicta (talk) 15:36, 12 November 2023 (UTC)[reply]
@Jurisdicta: Apologies for the delay to the reply. There was no ransom paid - I've clarified that in the article. The 'suspect who was prosecuted', who I assume to be Dennis Su, did not participate in the breach nor is it implied in the article that he did so, instead, he used the already-released data to blackmail customers. JML1148 (talk | contribs) 06:53, 3 January 2024 (UTC)[reply]
Thank you, I appreciate you following up and adding that portion of the article. I believe it helps create a complete picture. Jurisdicta (talk) 14:20, 27 January 2024 (UTC)[reply]

Comments from Sohom

edit

Not really experienced with WP:FAC but I do want do a bit of a review since this falls under the "related to cybersecurity" category.

  • noting the lack of a secure mail/messaging contact or bug bounties Was there no contact information at all? or no security specific email address/contact ? This statement is a bit ambigious :)
  • believed to be legitimate by some cybersecurity experts, - I think this is implied, it might instead be usefull to point out that some cybersecurity experts thought this might be a hoax, if there was a significant minority/majority of them
  • some cybersecurity experts btw, who were they? can we name names?
  • The government could not assist with the clean-up following the breach, or compel Optus to give government services information. why, what stopped them ?
  • including a new cyber office - Can you explain what "cyber office" is and what it's duties were ?
  • a second number to driver's licenses were fast-tracked - How does this relate to cybersecurity/making drivers licenses more secure, maybe that could be explained?

This were the nitpicks I found on a initial read through. Sohom (talk) 14:50, 8 December 2023 (UTC)[reply]

@Sohom Datta: Thanks for the peer review. Honestly I forgot that I listed this, and then I took a long wikibreak. JML1148 (talk | contribs) 05:37, 3 January 2024 (UTC)[reply]

Comments from RoySmith

edit

This article looks very familiar, especially the Macquaire Park image, but I can't place where I was involved with it earlier. So my apologies if any of this is stuff I've said before. This isn't a full review, just a few things that stood out to me on a quick read.

  • Per MOS:LEAD, "significant information should not appear in the lead if it is not covered in the remainder of the article." The following appear in the lead but not the body:
    • "third-largest telecommunications company"
    • "9.7 million current and former customers"
    • "over a third of Australia's population"
    • Actually, I'm only two sentences in and it looks like almost everything in the lead is not in the body, so that's got to be fixed.
  • "Optus was unable to state how many customers were affected". Unable, or unwilling? The source just has a quote from the CEO saying "It's just too early", which isn't quite the same as "unable".
  • The ransom note image is unreadable. I get the need for the reduced size to meet fair use, but in the current form, it doesn't provide anything useful to the reader. The original at abc.net.au has readable text. Maybe another way to meet fair use would be to just crop out a representative portion of the screenshot but leave the text large enough to be readable.
  • Please supply alt text for all images per MOS:ALT
  • I did a few spot-checks of references.
    • "Optus stated that they believe the hacker had scraped the company's consumer database". The source says, "The ABC has been told Optus believes those behind the intrusion scraped the consumer database...". That's not the same thing. As a nit, in that location, you've got two consecutive sentences cited to the same reference; those can be merged into a single citation.
    • "Home Affairs and Cyber Security Minister Clare O'Neil alleged that Optus was at fault for the attack..." verifies.
    • "Optus has promised to pay for the replacement of Australian and foreign passports that have been compromised in the breach." verifies.
    • "Su pleaded guilty in November 2022. He did not go to jail ..." verifies.

Query from Z1720

edit

@JML1148: This has been open since October, and it has been a month since the last comment. Is this ready to be closed, or are you seeking more comments? Z1720 (talk) 19:23, 2 March 2024 (UTC)[reply]

I think I'll close it. It's been a long time since anyone's commented. JML1148 (talk | contribs) 23:54, 2 March 2024 (UTC)[reply]
Retrieved from "https://en.wikipedia.org/w/index.php?title=Wikipedia:Peer_review/2022_Optus_data_breach/archive2&oldid=1211517926"