 The data breach was one of the country’s biggest ever cyber attacks: Australia’s Communications and Media Authority (ACMA) has begun legal action against Optus, the country’s second largest telco, over a data breach it suffered in 2022. The watchdog has filed legal proceedings to the Federal Court, alleging that Optus “failed to protect the confidentiality of its customers’ personal information from unauthorised interference or unauthorised access,” and was therefore in breach of the Telecommunications (Interception and Access) Act of 1979. Between 17–20 September 2022, Optus suffered a data breach that affected up to 10 million current and former customers, comprising a third of Australia’s population. The breach resulted in the illegal acquisition of sensitive information, including names, dates of birth, addresses, and contact details. The then CEO Kelly Bayer Rosmarin was widely criticised for her handling of this situation, with the matter made worse by a major network outage in October last year that left nearly half of Australia’s population of 26 million without mobile or internets services for over 12 hours. Bayer Rosmarin resigned in November, saying that her resignation “is in the best interest of Optus moving forward.” Optus’s parent company Singtel said in a statement to investors that it intends to defend the legal challenge from the ACMA, adding that “Optus Mobile is not able to determine the quantum of penalties, if any, that could arise.” The company is already battling another lawsuit relating to the cyber-attack. After the event occurred, Optus hired Deloitte to conduct an assessment into the attack’s causes. Since then, those affected by the attack have hired law firm Slater and Gordon to initiate legal action, aiming to get the results of Deloitte’s investigation published. Keep up to date with the latest international telecoms news by subscribing to the Total Telecom newsletter Optus sued by regulator over 2022 cyber-attack | Total Telecom
|
