Warnings ignored over $30k part that crippled Telstra

By Jacob Shteyman
Telstra executives Vicki Brady and Michael Ackland (file image)
Telstra executives have told an inquiry a faulty server was to blame for the telco's major outage. -AAP GRAPHICS

Telstra failed to act on repeated warnings to fix an impending bug in a $30,000 piece of equipment that ultimately triggered a devastating network outage.

US-based supplier Microchip Technology warned the telco multiple times a Network Time Protocol server required a software update to prevent a "rollover problem" that would take down the system, Telstra officials told a parliamentary inquiry in Canberra.

The snap inquiry was set up in response to the ensuing outage, which left train networks in disarray and customers unable to dial triple zero.

In a submission to the inquiry, the telco said a GPS card within the server did not operate as expected once power was restored to the device after scheduled maintenance.

The change had not been properly documented, meaning the maintenance team was not aware the issue would occur when the device was restarted.

A software update, which could have averted the outage, had also not been applied to the device.

Telstra chief executive Vicki Brady said she was "deeply sorry" for the failure.

"Telstra let Australians down. We let our customers down, we let the community down, and we fell short of what people rightly expect from us," she told the hearing on Friday.

"Triple zero sits at the heart of public trust in Australia's communication system.

"Telstra has a critical role in the system and we take that responsibility extremely seriously."

Gerard Tracey, the executive responsible for end-to-end service performance, said the supplier first warned about the impending issue in the SSU 2000 server - a 15-year-old piece of tech which costs about $30,000 - in November 2020 and Telstra was reminded again in January 2026. 

The issue resulted in the timing server being reset to 2006, causing invalid authentification certificates to spread across the network and preventing customers from making calls and accessing data.

If the update had been enacted or the server replaced, the issue would have been averted, Mr Tracey said.

Telstra has since updated the faulty server, as well as two others.

Inquiry chair Sarah Hanson-Young questioned why the repeated warnings had not been acted on.

"This doesn't seem like a complex matter. This seems like incompetence," the Greens senator said.

The reason why the warnings went unheeded would be probed in an external investigation Telstra had commissioned into the outage, Ms Brady said.

"Any software update creates a risk and we put it into testing," she said.

"In this case, they thought, given the design that was in place, it was not relevant because we were not using this equipment in a way that would trigger this risk."

At its peak, the outage impacted 45 per cent of all Telstra calls and data sessions, Ms Brady said.

"So it's not at the very worst, but it is absolutely up in that high category of nationwide (outage)," she said.

The telco has been in damage control since the outage occurred on July 8.

On top of the triple-zero outage, regional train services ground to a halt in Victoria and small businesses were unable to process EFTPOS transactions.

Telstra undertook 604 welfare checks on customers that were prevented from having triple-zero calls connected due to the outage.

The company has paid out more than $100,000 in credit to customers who were impacted and has received more than 8000 claims for compensation so far.

Communications regulator ACMA was also conducting an investigation, which would examine how Telstra alerted its customers and the regulator, and whether it had adequately maintained its network, chair Nerida O'Loughlin said.

ACMA is still working on an investigation into a separate Optus outage in September 2025.