To protect customer data and comply with privacy laws, the Office of the Australian Information Commissioner (OAIC) was investigating whether the Singapore Telecommunications Ltd-owned company took reasonable steps
After a data breach of the systems resulted in the theft of personal data from up to 10 million accounts, two Australian regulators said on Tuesday they have opened investigations into Optus, the country’s No. 2 telecoms provider.
The probes only add to headaches for Optus, which disclosed the breach on 22 September and has since come under heavy fire from the government and the public for not preventing the massive cyberattack.
To protect customer data and comply with privacy laws, the Office of the Australian Information Commissioner (OAIC) was investigating whether the Singapore Telecommunications Ltd-owned company took reasonable steps, OAIC said.
In terms of the keeping and disposing of personal data, the Australian Communications and Media Authority was investigating whether Optus met its industry obligations as a telecommunications provider, said ACMA.
Amid the widening fallout, to force firms which have had a cyberattack to notify banks about customers who may be compromised, the federal government has flagged it will overhaul data security laws. Several law firms are also considering filing class action lawsuit.
The OAIC said in a statement if it finds that “interference with the privacy of one or more individuals has occurred”, it may force Optus to take steps to ensure the breach cannot be repeated.
The agency added that it finds there was a breach of Australian privacy law, it can seek civil penalties of up to A$2.2 million ($1.4 million) per contravention.
ACMA Chair Nerida O’Loughlin said in a statement that failure by telecommunications providers to safeguard customer information “has significant consequences for all involved.”
Australian Competition and Consumer Commission Chair Gina Cass-Gottlieb told a parliamentary hearing the regulator was receiving 600 calls a day from people concerned about the Optus breach, although few had been scammed as a result.
CIO News, a proprietary of Mercadeo, produces award-winning content and resources for IT leaders across any industry through print articles and recorded video interviews on topics in the technology sector such as Digital Transformation, Artificial Intelligence (AI), Machine Learning (ML), Cloud, Robotics, Cyber-security, Data, Analytics, SOC, SASE, among other technology topics