(Reuters) – Australia’s media regulator is taking legal action against telecom carrier Optus, owned by Singapore Telecommunications, over a cyber attack it faced in September 2022, the telecom operator said on Wednesday.
Australia’s No.2 telco, had in September 2022 faced a massive data breach which exposed customers’ personal information, including home addresses, passport and phone numbers.
Following the incident, the country’s Prime Minister Anthony Albanese called for tougher privacy rules to force companies to notify banks faster when they experience similar data breaches.
About 10 million Australians, 40% of the population, are Optus customers and could not use smartphones, broadband internet or landlines for much of the day of the breach.
The Australian Communications and Media Authority is alleging that Optus Mobile failed to protect the confidentiality of personally identifiable information of its customers from unauthorised interference or unauthorised access.
The regulator did not immediately respond to a Reuters request for comment.
Optus has been taking necessary steps to mitigate the issue and has been cooperating with the authorities as the case moves to court, the company said.
It was unable to determine the proportion of penalties which may arise and it would defend the proceedings, Optus added.
Optus has been one of Singtel’s largest investments overseas though it has recently drawn public ire after a 12-hour network blackout that affected more than 10 million Australians.
Kelly Bayer Rosmarin, Optus’ then CEO, had resigned in November 2023 after the cyber attack and last year’s nationwide outage.
(Reporting by Rishav Chatterjee in Bengaluru; Editing by Nivedita Bhattacharjee and Eileen Soreng)
Comments