To allow banks to implement enhanced monitoring for customers impacted by data breaches, the changes will enable telcos to share government-issued identification documents
Following a massive data breach at Optus, Australia on Thursday proposed an overhaul of consumer privacy rules that will help facilitate targeted data sharing between telecommunication firms and banks, the country’s second largest mobile operator.
Last month’s cyber-attack on Optus, owned by Singapore Telecommunications Ltd (Singtel), was one of Australia’s biggest data breaches, and compromised data of up to 10 million customers including home addresses, drivers’ licenses and passport numbers.
To allow banks to implement enhanced monitoring for customers impacted by data breaches, the changes will enable telcos to share government-issued identification documents.
“They’ve been carefully designed with strong privacy and security safeguards to ensure that only limited information can be made available temporarily to prevent and respond to cyber security incidents, fraud, scams and related activities,” Treasurer Jim Chalmers said during a media conference.
To amend the privacy regulations, the government will recommend to the governor-general, he said.
To report fraudulent transactions, such as fraud information exchanges, the proposed changes will also allow for increased fraud detection in the broader financial services sector through existing industry mechanisms.
Due to data security reasons, Chalmers said the government would not disclose details of financial institutions that receive the data from Optus.
To cyber security incidents, fraud, scam activity or identity theft, information received must be destroyed by banks when it is no longer required and can only be used for the sole purpose of preventing or responding, the treasurer said.
To help banks take immediate actions to prevent fraudulent transactions, Australia’s telecommunications, financial and government sectors have been on high alert since the cyber-attack at Optus and had flagged changes to privacy rules.
The Australian government, which believes the data breach at Optus was due to a basic security gap, had slammed the company for describing the attack as sophisticated and for delays in updating affected customers.
CIO News, a proprietary of Mercadeo, produces award-winning content and resources for IT leaders across any industry through print articles and recorded video interviews on topics in the technology sector such as Digital Transformation, Artificial Intelligence (AI), Machine Learning (ML), Cloud, Robotics, Cyber-security, Data, Analytics, SOC, SASE, among other technology topics