Summary

  • Senate hearing evidence adds a material layer to the known 8 July outage: Telstra had not applied a software update to the SSU-2000 timing unit, and a prior design change had not been documented for the maintenance team.
  • Telstra now says about 45% of mobile calls and data sessions were affected at peak, 58,835 Triple Zero calls connected and 604 encountered an error, each prompting a completed welfare check.
  • The economic issue is no longer just restoration time. More than 8,000 compensation requests, an active regulatory investigation and an external review turn deferred maintenance and weak change records into measurable liabilities.

The first account of Telstra's national outage was a story about time: a network-timing device restarted with the wrong date and ordinary mobile services failed across Australia. Evidence given to a Senate inquiry on 17 July changes the centre of gravity. The fault was not merely obscure. Telstra told the hearing that an available update had not been installed and that an intentional design change was missing from the maintenance record. Either control, the company acknowledged, might have prevented the outage.

That is a material follow-up to the earlier outage reporting, not another description of the same service interruption. It identifies decisions and control gaps that existed before maintenance began, quantifies the mobile and emergency-call exposure, and puts a current price signal around the consequences through compensation requests and possible regulatory action.

A routine restart met two unresolved risks

Telstra's account says technicians completed scheduled work on a Network Time Protocol server at 3:38am on 8 July while addressing a backup-power fault. The team followed the procedure, including restarting the device. A GPS card within the SSU-2000 unit then supplied the wrong date, allowing invalid timing to spread into systems that depended on it. Telstra detected a problem at 4:20am and isolated the affected device at 7:11am.

The hearing supplied the missing preventive context. The equipment contained an intentional design alteration made to address an earlier fault, but that change was not properly documented. The GPS card also lacked a software update intended to address a rollover risk. Contemporary reports differ slightly in their shorthand chronology of supplier reminders: accounts cite notices in 2020 and 2022, followed by a reminder in January 2026. The stable fact across the evidence is that the update remained outstanding when the server was restarted.

This distinction matters. A 15-year-old component is not automatically unsafe, and executives said the unit remained supported. Nor does its roughly A$30,000 replacement cost measure the full cost of testing, migration and network assurance. But age, a known update, an undocumented modification and a maintenance restart formed one control chain. Telstra's chief executive, Vicki Brady, said its processes had failed; the company's external investigation must now establish why those risks were accepted and whether similar gaps exist elsewhere.

Telstra says the failed unit and two others have since been updated. That closes the immediate exposure but does not prove that the wider asset register, update process or maintenance documentation is reliable. The stronger test is whether the review identifies all comparable devices, assigns owners and deadlines to known risks, and independently verifies that a restart cannot distribute implausible time across the network.

The hearing fixes the scale more clearly

At peak, approximately 45% of Telstra mobile calls and data sessions were affected. Telstra's opening statement also gives a clearer emergency-call denominator: 58,835 Triple Zero calls connected while 604 encountered the related error. The company says it completed 604 welfare checks and is not aware of any life-threatening outcome caused by the outage. It also says alternate-network access operated, with about 3,200 more Telstra-originated emergency calls than average carried over Optus and TPG networks.

Those figures should not be used to declare the fallback sufficient. Successful alternate-network carriage reduced the harm, but 604 attempts still failed at the point when callers sought help. Aggregate mobile traffic had largely recovered before Telstra identified and fixed the separate Triple Zero effect. That sequence makes emergency-call testing a distinct restoration condition, rather than something inferred from improving voice and data charts.

Earlier public reports cited more than 630 welfare checks, while Telstra's later statement reconciles 604 error calls with 604 completed checks. The final investigation should explain the difference in definitions and timing. It should also resolve the notification timeline highlighted at the hearing: Triple Zero Custodian officials said their first formal email from Telstra arrived at 7:14am, after other indicators had emerged.

Small maintenance decisions now carry financial consequences

Hearing coverage reported more than 8,000 compensation requests and more than A$100,000 already issued in customer credits. Those are moving totals, not an estimate of final cost. Claims will vary according to documented losses, and Telstra has said contacting 8.8 million people does not mean every recipient qualifies for payment.

The larger exposure is the cost of proving that a national carrier can govern its dependencies. The Australian Communications and Media Authority is investigating Telstra's compliance with emergency-call and outage-communication obligations. No breach or penalty has yet been determined. Telstra has separately commissioned an external expert to test its findings and has promised the results to the committee.

For investors and customers, the new evidence changes the watchpoints. The immediate questions are not whether the network is back or whether one server has been patched. They are how many known updates remain deferred, whether undocumented design changes can survive into maintenance procedures, how emergency access is tested after partial restoration, and whether compensation and enforcement costs reveal a broader weakness in operational assurance.

A low-cost device did not create a low-cost failure. Once timing, authentication, transport, payments and emergency access share a dependency, the economic value sits in the controls around the component: accurate records, disciplined updates, independent fallbacks and evidence that the most critical service still works after ordinary traffic returns.

Sources