A $4million country mansion and a $400k pool renovation: The lavish life Optus boss was living before the telco found itself at the centre of a nationwide hacking catastrophe

  • Optus CEO Kelly Bayer Rosmarin has suffered a spectacular fall from grace
  • The bright start to her tenure is now tarnished by the catastrophic data breach
  • She took over a company behind Telstra and facing fresh challenges from TPG
  • A security breach has threatened the data of almost 10 million Optus customers
  • Hacker claiming responsibility has withdrawn a demand for $1.5m ransom

There had been the occasional glowing profile on her rapid ascent up the corporate ladder, a science graduate raised in South Africa who went from senior executive at CBA, where her former boss Ian Narev admired her ability to 'disrupt' workplace culture and systems, to ruffling rivals' feathers by landing the big job at Optus just as the COVID pandemic was taking off.

But even amid lockdowns and disarray, her honeymoon period at Optus was clearly orchestrated to reinforce her corporate halo, with stories appearing on how the 45-year-old working mum celebrated her first day in the job with a humble takeaway dinner at home, and how she had donated one month of her salary - undisclosed but understood to be much more than what she was on at CBA (which she left with a $5.15 million remuneration bundle) - towards helping those affected by COVID, and towards medical research.

She's been named among the Top 25 women in Asia Pacific finance, the top 10 businesswomen in Australia, and 50 Most Powerful Women in Australian Business.

And there have been the very public trappings of her prosperity for all to see, including a landmark Vaucluse mansion for which the mother of two and her husband, CBA executive Rodney Rosmarin, paid $15 million.

In March reports surfaced about them adding a new pool and spa, for $376,000, while a month ago they sold their country weekender, a historic mansion in Bowral, for nearly $4 million. A fortunate life indeed.

But today, the spoils of her success pale next to the crisis which has resulted in her truly becoming a household name, but for all the wrong reasons.

 

As the CEO of Optus she has been front and centre in the firing line over one of the biggest corporate bungles in years that has impacted on millions of Australians, and made her front page news.

She enters a peculiar and ignominious club of celebrity CEOs, captains of industry who achieved a level of mostly unwanted fame, the sort of fame usually belonging to the likes of movie stars, politicians and sporting heroes.

In recent times we've seen everyone from the bosses of Star and Crown Casinos, Geoff Hogg and Ken Barton among others, to the former CEO of this masthead's parent company, Nine Entertainment's Hugh Marks, leave their once glittering thrones amid a barrage of bad press.

Bayer Rosmarin's professional reputation has been eviscerated on national television and talk-back radio, and now bears the stain of scandal that has proven tough for many of her peers to shake. Many never do.

'In these situations, a corporation needs a sacrificial lamb of sorts, which is usually the CEO. At this point I can't see how she is going to hang on to that job in the long term. There are around 10 million customers feeling very angry, a highly critical government, mainstream media and social media on the attack ... it's not looking good,' one of Sydney's most senior crisis management specialists told me this week, on the condition of anonymity given their close corporate links with Optus executives.

'But, and this is a big but, the worst thing would be for her to go now because if anyone is in a position to fix this problem, it is going to be Kelly Bayer Rosmarin.'

'The first 12 to 24 hours is critical in these crises. She came out on the front foot in that time, which was good. But ever since, it appears the messaging has been drowned out by questions that remain unanswered.

'Then you have an unknown extortion actor, or actors, dominating the media cycle, fuelling the shit storm further, which Optus has no control over. From a reputational point of view, the last few days have shown they are not in control.'

From Qantas chief Alan Joyce to former James Hardie chair Meredith Hellicar, we've seen how brutal it can be at the top of the corporate ladder.

Optus had high hopes for Kelly Bayer Rosmarin when she was appointed chief executive in April 2020 - and the South African-born banker had even greater expectations of herself. 

'We've done a lot of stuff but it will never be fast enough for me - I want to get to be the most loved everyday brand,' she said less than a year into the job.

Bayer Rosmarin, a former Commonwealth Bank executive, came to Optus without ever having worked in the telecommunications industry and served a year-long apprenticeship before assuming the top spot.

Kelly Bayer Rosmarin had an ambitious goal when she was appointed chief executive in April 2020. 'We've done a lot of stuff but it will never be fast enough for me - I want to get to be the most loved everyday brand,' she said less than a year into the job

About 9.8 million Optus customers have had personal details stolen in a data breach, and a hacker has threatened to release 10,000 of those every day unless the company gives in to a ransom of $1.5million

Her first day in the role came as the nation was dealing with the early stages of the Covid-19 pandemic and it has been hard going ever since. 

Not only is Optus in an ongoing battle with market leader Telstra, which is twice its size and offers slightly broader coverage, but TPG Telecom has become a serious competitor after merging with Vodafone in 2020. 

The cyber hack that has seen data belonging to 9.8 million current and former Optus customers compromised puts Australia's second biggest telco a long way from being 'the most loved everyday brand'.

Slater and Gordon Lawyers are investigating whether to launch a class action lawsuit against Optus on behalf of former and current customers.

And a hacker claiming to be behind the security breach has reportedly released 10,000 customer records, demanding a $1.5million ransom.

The purported cybercriminal had been threatening to release 10,000 more records every day for the next four days if the ransom was not paid.

Optus boss Kelly Bayer Rosmarin (above) says the company couldn't say much about the ransom threat as it was being investigated by the Australian Federal Police

The ransom demand appeared on the dark web, with the hacker warning Optus had four days to decide

The mysterious hacker has since apologised for the attack but Optus customers have begun receiving threatening text messages demanding they pay $2,000 to have their details erased. 

Data involved in the breach includes names, email addresses, phone numbers, dates of birth, home addresses and driver's licence and passport numbers. 

Bayer Rosmarin rightly insisted on Tuesday that the real villain in this security nightmare was the hacker but she is the public face of the disaster and for many observers, the buck stops with her. 

'Well, look, I think most customers understand that we are not the villains and that we have not done anything deliberate to put any of our customers at risk,' she told ABC Radio's AM program on Tuesday.

No one is suggesting Optus deliberately exposed its customers to such a data breach but how most of them feel about the company is less clear-cut. 

Until now, the lowest point in Optus's relationship with its subscribers was the debacle during the 2018 World Cup. 

For the first time, Australian fans of the round-ball football code could only watch most of the tournament's matches by being an Optus customer or paying $15 a month to stream games on its app.

The licensing deal with SBS was described at the time as unprecedented and the experience for viewers was certainly unique. 

The technology failed badly early in the competition, with streams dropping out, buffering or not working at all. 

Then-prime minister Malcolm Turnbull called Bayer Rosmarin's predecessor Allan Lew to ask what had happened and Optus eventually let SBS screen the remaining games because it could not guarantee fixing the problem.

Federal politicians have again been weighing into Optus's woes, with Prime Minister Anthony Albanese describing the data breach as a 'huge wake-up call'.

Home Affairs Minister Clare O'Neil has gone harder, launching a scathing attack on Optus in parliament in which she said the breach was a 'basic' hack.

O'Neil laid blame for the security failure firmly at the feet of the telco, describing it as potentially the result of simply leaving a 'window' open.

Home Affairs Minister Clare O'Neil slammed Optus saying the security breach was 'basic', however the telco has rejected those claims

'The breach is of a nature that we should not expect to see in a large telecommunications provider in this country,' O'Neil said on Monday.

'We expect Optus to continue to do everything they can to support their customers and former customers.'

Bayer Rosmarin rejected O'Neil's claim the hack was not sophisticated.  

'Unfortunately I think our briefing of the minister happened after she gave that interview,' Rosmarin told AM. 'But given we're not allowed to say much because the police have asked us not to.

'What I can say that hopefully should help people understand that it's not as being portrayed is that our data was encrypted and we have multiple layers of protection.'

Bayer Rosmarin reportedly has always enjoyed a challenge - she has described herself as 'very calm in a crisis' - and she has one on her hands right now.

The 45-year-old joined Optus in March 2019 in the newly created position of deputy CEO, having served various senior roles since 2004 at the Commonwealth Bank. 

She had been named in the Top 25 Women in Asia Pacific Finance, the Top 10 Businesswomen in Australia and 50 Most Powerful Women in Australian Business.

Running Optus was nonetheless a huge step up again. 

Covid immediately curtailed Bayer Rosmarin's ability to physically visit Optus's network of national offices and she found herself working from her Vaucluse home. 

By August 2020, Bayer Rosmarin was still upbeat when she told The Weekend Australian that Optus 'absolutely could be No 1 in mobile share over time'.

'I'd love to see it happen because we are so focused on customers that they choose us and they choose to stay with us,' she said. 

Nine months after her appointment Bayer Rosmarin told Nine newspapers she believed the telco industry was lacking new ideas in the fight to make profits.

'Despite being so fundamental and despite it being something that people actually love and use every day - it's a sector that globally is struggling for profitability,' she said. 

Optus customers have received threatening text messages warning their data will be leaked unless they pay $2,000 to a CBA account. One such text message is pictured

Under Bayer Rosmarin, Optus bought low-cost carrier Amaysim, which was viewed positively by the share market, and won approval from customers by freezing prices during the pandemic.

There have been other successes. 

Optus Sport has held the rights to the English Premier League since 2016 and renewed that deal as the competition's exclusive local broadcaster in late 2021 for six more years.

Bayer Rosmarin is a Manchester United fan and former Football Federation of Australia board member and the company is confident it will never experience another broadcasting disaster like the 2018 World Cup. 

The Singtel-owned provider had also been close to securing a broadcasting rights deal with Rugby Australia in 2020 before the pandemic hit.  

If the current data breach had happened in Europe the company responsible would face potential fines worth hundreds of millions of dollars but Bayer Rosmarin did not back tougher penalties here.

'Look, honestly I'm not sure what penalties benefit anybody,' she told AM. 

'I think what I can say is Optus is doing absolutely everything possible to be transparent, to be on the front foot. 

'We're communicating to every customer individually about which specific fields of theirs may have been accessed and we're working through that.'

Bayer Rosmarin said Optus was working closely with the Australian Cyber Security Centre and Australian Federal Police to identify the culprits.

'We definitely know that this is the work of some bad actors and really they are the villains in this story,' she said. 

'Now of course we will investigate thoroughly how it could happen, what went wrong, how we could have avoided it. 

'And later on if something comes out of that indicates that Optus have made an error or done something bad we will of course take full accountability for that. 

'But there’s a time and a place for that and we remain focused on doing everything we can to make sure no harm comes to customers as a result of this theft.'

Optus has announced it will be providing the most affected past and present customers with a free 12-month credit monitoring subscription to Equifax Protect. 

Asked if she had considered resigning, Bayer Rosmarin said: 'At the moment all we're focused on is protecting our customers, so someone has to be accountable for doing that and that's exactly what I'm focused on.'

What Optus has said about the breach:

How did this happen?

Optus was the victim of a cyberattack. We immediately took action to block the attack which only targeted Optus customer data. Optus’ systems and services, including mobile and home internet, are not affected, and messages and voice calls have not been compromised. Optus services remain safe to use and operate as per normal.

Has the attack been stopped?

Yes. Upon discovering this, Optus immediately shut down the attack.

We are now working with the Australian Cyber Security Centre to mitigate any risks to customers. We have also notified the Australian Federal Police, the Office of the Australian Information Commissioner, and key regulators.

Why did we go to the media first instead of our customers?

The security of our customers and their data is paramount to us. We did this as it was the quickest and most effective way to alert as many current and former customers as possible, so they could be vigilant and monitor for any suspicious activity. We are now in the process of contacting customers who have been impacted directly.

What information of mine may have been exposed?

The information which may have been exposed includes customers’ names, dates of birth, phone numbers, email addresses, and, for a subset of customers, addresses, ID document numbers such as driver's license or passport numbers. Customers affected will be notified directly of the specific information compromised.

Optus services, including mobile and home internet, are not affected. Messages, voice calls, billing and payments details, and account passwords have not been compromised.

What should I do to protect myself if I suspect I am a victim of fraudulent activity?

We are not currently aware of any customers having suffered harm, but we encourage you to have heightened awareness across your accounts, including:

Look out for any suspicious or unexpected activity across your online accounts, including your bank accounts. Make sure to report any fraudulent activity immediately to the related provider.

Look out for contact from scammers who may have your personal information. This may include suspicious emails, texts, phone calls or messages on social media.

Never click on any links that look suspicious and never provide your passwords, or any personal or financial information.

How do I contact Optus if I believe my account has been compromised?

If you believe your account has been compromised, you can contact us via My Optus App – which remains the safest way to contact Optus or call us on 133 937 for consumer customers. Due to the impact of the cyberattack, wait times may be longer than usual.

If you are a business customer, contact us on 133 343 or your account manager.

How do I know if I have been impacted?

We are in the process of contacting customers who have been directly impacted.