CyberSecurityBoard
Sponsor Register Login

Australian Telecom Watchdog Sues Optus Over 2022 Data Breach

The Australian Communications and Media Authority said it has filed proceedings against Optus in a federal court as the company failed to protect sensitive customer data during a data breach in September 2022 that affected close to 10 million people.
Optus suffered a major customer data breach in 2022 that gave malicious actors access to about 9.8 million former and current customers' sensitive information, including names, birthdates, phone numbers, email addresses and, for a subset of customers, addresses and ID document numbers, such as driver's license or passport numbers.
The latest filing is the second recent case the agency has brought against Optus.
In March, Optus paid a penalty of AU$1.5 million to the ACMA after the watchdog's investigation determined the company failed to upload the information of close to 200,000 customers to the Integrated Public Number Database in violation of the Telecommunications Act.
The database helps critical services warn citizens about disasters such as floods and bush fires and manages the Triple Zero service to share citizens' location information with the police, ambulance and fire brigade in an emergency.
The Office of the Australian Information Commissioner is also investigating the 2022 data security incident, and several Australian law firms have proposed class action lawsuits against Optus on behalf of millions of customers whose data was accessed and posted on the dark web by hackers.
The OAIC is also investigating whether Optus took reasonable steps to comply with the Australian Privacy Principles during and in the aftermath of the security incident.
Two months after the breach, the Australian Parliament passed amendments to the Privacy Act that empower the OAIC to issue fines of up to AU$50 million or 30% of a company's adjusted turnover in the relevant period, whichever is greater, for serious or repeated privacy breaches.
The government in its 2022 federal budget gave the OAIC funding of AU$5.5 million over two years to help investigate the Optus data breach incident.
In addition to the federal investigation and the ACMA lawsuit, Optus faces grueling legal battles ahead, as the Federal Court in November ruled against its motion to maintain the confidentiality of a Deloitte-prepared forensic report about the data security incident.
The ruling gives class action lawyers access to forensic details about the breach that they can use to strengthen their case.


This Cyber News was published on www.bankinfosecurity.com. Publication date: Mon, 27 May 2024 13:43:04 +0000


Cyber News related to Australian Telecom Watchdog Sues Optus Over 2022 Data Breach

Australian Telecom Watchdog Sues Optus Over 2022 Data Breach - The Australian Communications and Media Authority said it has filed proceedings against Optus in a federal court as the company failed to protect sensitive customer data during a data breach in September 2022 that affected close to 10 million people. ...
1 month ago Bankinfosecurity.com
Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
6 months ago Securityboulevard.com
Data Breach Response: A Step-by-Step Guide - In today's interconnected world, organizations must be prepared to respond swiftly and effectively in the face of a data breach. To navigate these challenges, a well-defined and comprehensive data breach response plan is essential. Let's explore the ...
5 months ago Securityzap.com
MSP DMARC Journey For Effective Lead Generation: Watchdog Cyber's Sucess Story - Watchdog Cyber delivers proactive cybersecurity solutions and compliance services tailored for businesses in the SMB space. With a focus on healthcare, logistics, education, and manufacturing industries, Watchdog Cyber ensures robust protection for ...
5 months ago Securityboulevard.com
HackersEra Launches Telecom Penetration Testing to Eliminate Cyber Threats - Cybercriminals have attacked telecom infrastructure, particularly as it shifts to an IP-based design with the introduction of Long-Term Evolution networks, also referred to as LTE or 4G. Persistent attackers could spy on users' cellular networks and ...
6 months ago Cysecurity.news
An Australian Person Receives Punishment for Fraud Involving Optus Security Breach - This week, Australian authorities sentenced a Sydney man for attempting to extort money from Optus customers using data stolen during a September 2022 data breach. The breach resulted in the theft of personal information belonging to 9.8 million ...
1 year ago Securityweek.com
Australian Organisations Face Tensions Between Personalisation, Privacy - Organisations in Australia face a significant challenge with data. Consumers are willing to share their data if it means better personalisation. On the other hand, there is a real concern about privacy, and while organisations are focused on looking ...
5 months ago Techrepublic.com
FCC orders telecom carriers to report PII data breaches within 30 days - Starting March 13th, telecommunications companies must report data breaches impacting customers' personally identifiable information within 30 days, as required by FCC's updated data breach reporting requirements. FCC's final rule follows several ...
4 months ago Bleepingcomputer.com
Uncertainty Is the Biggest Challenge to Australia's Cyber Security Strategy - Political shifts could lead to changes in Australia's cyber security strategy. Early in 2023, as the Australian government started to craft its cyber security vision, it met with opposition at both ends of the political spectrum. On the right wing, ...
6 months ago Techrepublic.com
What a Digital ID Means to How Australians Interact With Businesses Online - Australia is about to get a national online ID system - the Digital ID - which promises to improve the security and privacy of data online. In just a few months, Australians will have access to a new form of ID, which aims to make identification ...
6 months ago Techrepublic.com
Australian healthcare provider St. Vincent's has data stolen during cyberattack - Australia's largest non-profit healthcare provider was hit by a cyberattack this week, resulting in data being stolen from its networks. In a statement on Friday, St Vincent's Health Australia said it was working with the Australian government and ...
6 months ago Therecord.media
Sydney Resident Punished for Extorting Optus Clients Following Data Infringement - A man from Sydney has been given an 18-month Community Correction Order and 100 hours of community service for attempting to exploit the Optus data breach that happened last year. The man, who was 19 when he was arrested in October 2022 and is now ...
1 year ago Thehackernews.com
Infosys McCamish Systems data breach impacted over 6M people - MUST READ. Infosys McCamish Systems data breach impacted over 6 million people. Keytronic confirms data breach after ransomware attack. City of Cleveland still working to fully restore systems impacted by a cyber attack. ABN Amro discloses data ...
1 week ago Securityaffairs.com
Welltok data breach exposes data of 8.5 million US patients - Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Welltok works with health service ...
7 months ago Bleepingcomputer.com
Prudential Financial data breach impacted over 2.5M individuals - Prudential Financial data breach impacted over 2.5 million individuals. Keytronic confirms data breach after ransomware attack. ABN Amro discloses data breach following an attack on a third-party provider. Christie disclosed a data breach after a ...
5 days ago Securityaffairs.com
Google Fi User Data Breached Through T-Mobile Hack - According to Google Fi's email sent to its customers on Monday, a limited amount of their customer data was exposed in T-Mobile's breach after suspicious activity was noted in a system that contained Google Fi's customer data. Google Fi, Google's ...
1 year ago Hackread.com
DP World confirms data stolen in cyberattack, no ransomware used - International logistics giant DP World has confirmed that data was stolen during a cyber attack that disrupted its operations in Australia earlier this month. The company says no ransomware payloads or encryption was used in the attack. On November ...
7 months ago Bleepingcomputer.com
Goto Customers Backup Data Breach: Protect Your Business and Handle Data Breach Risks - A data breach at Goto customers exposed their backup data to malicious actors, leading to a data breach that impacted those customers. Businesses need to be aware of the risks associated with data breaches and how to protect their organisations from ...
1 year ago Securityaffairs.com
Evolve Bank data breach impacted fintech firms Wise and Affirm - MUST READ. Evolve Bank data breach impacted fintech firms Wise and Affirm. Keytronic confirms data breach after ransomware attack. ABN Amro discloses data breach following an attack on a third-party provider. Christie disclosed a data breach after a ...
5 days ago Securityaffairs.com
How Can Data Breach Be A Trouble For Your Industry? - To navigate an era of cyber risks, this unsettling reality necessitates a renewed focus on data integrity protection and digital asset protection. In this blog, we will discuss a data breach in the Hospitality industry. Some of the companies like MGM ...
6 months ago Securityboulevard.com
Ticketmaster confirms data breach impacting 560 million customers - MUST READ. Ticketmaster confirms data breach impacting 560 million customers. ABN Amro discloses data breach following an attack on a third-party provider. Christie disclosed a data breach after a RansomHub attack. OmniVision disclosed a data breach ...
1 month ago Securityaffairs.com
Welltok Data Breach: 8.5M US Patients' Information Exposed - In a recent cybersecurity incident, Welltok, a leading healthcare Software as a Service provider, reported unauthorized access to its MOVEit Transfer server, affecting the personal information of approximately 8.5 million patients in the United ...
6 months ago Securityboulevard.com
AvidXchange Notifies Consumers of Data Breach Following Period of Unauthorized Access - On October 13, 2023, AvidXchange, Inc. filed a notice of data breach with the Attorney General of Massachusetts after discovering that a recent cybersecurity event resulted in an unauthorized party being able to access the company's IT network. In ...
7 months ago Jdsupra.com
Hackers breach Australian court hearing database - The court system for Australia's second-most-populated state was hit by a ransomware attack that potentially exposed sensitive recordings of some court hearings. Court Services Victoria, an administrative body that supports the operations of the ...
6 months ago Therecord.media
Akumin Files Notice of Data Breach with the Securities and Exchange Commission - On October 16, 2023, Akumin Inc. filed a notice of data breach with the Securities and Exchange Commission after discovering that it had been the recent victim of a ransomware attack. In this notice, Akumin explains that the incident resulted in an ...
7 months ago Jdsupra.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)