Australian Regulators to Investigate Optus Over Cybersecurity Breach

October 11, 2022, Australian regulators opened investigations into Optus, the country’s second-largest telecoms provider, after personal data from up to 10 million accounts was stolen following a security breach.

The Australian government is holding Optus, which is owned by Singapore Telecommunications Ltd., responsible for failing to prevent the cyberattack. It is now up to the Office of the Australian Information Commissioner to determine whether the company took adequate steps to protect customer data and privacy. In addition to the federal proceeding, several law firms have class action suits in the works, and the Australian Competition and Consumer Commission has been receiving 600 calls per day about the breach.

The attack has prompted the Australian government to overhaul data security laws and force companies to disclose information to banks about customers whose data may have been compromised by cyberattacks. If the OAIC finds Optus failed in its duties to protect private data, the company could be fined up to $2.2 million AUD ($1.4 million USD) per violation.