Vicki Brady has used her first speech to Telstra shareholders since taking over as CEO to assure them of the telco’s “ongoing vigilance” in the face of cybersecurity threats.

Speaking at Tuesday’s annual shareholder meeting, Brady reiterated that Telstra’s recent data breach came through a third-party employee rewards program rather than the telco’s own systems.

“We are seeing increasing cyber threats, and the recent attack on one of our competitors puts into stark focus just how real these threats are,” Brady said, referencing last month’ historic Optus hack.

“We have taken important steps to protect our networks and customers, but ongoing vigilance is required, and the job is never done.”

Brady also signalled that the time was right for an overhaul of the way in which personal data is kept by large companies.

“With a growing number of these cyber-attacks some of our customers are asking us what ID documents we keep, for how long, and for what reason. These are all fair questions and people are right to be asking them.

“Like many companies we are subject to multiple pieces of legislation and rules in relation to retaining our customers’ ID data. We collect it and fiercely protect it through our cybersecurity capabilities.

“But we agree the time is right for a discussion on the laws around keeping data. As we do, we have to get the balance right – and it’s a fine balance – between identifying our customers, protecting them against fraud, maintaining their privacy, and helping law enforcement combat crime.”