Optus breach: New investigations launched, millions in fines on the table

Two separate but coordinated investigations launched


Australian telecoms giant Optus is facing two additional investigations in relation to the major data breach that occurred last month. Depending on the results of the investigation, the company could be forced to pay more than $4 million in damages.

As reported by The Guardian, the Australian Communications and Media Authority (ACMA) and the Office of the Australian Information Commissioner (OAIC) said they’d be launching “separate but coordinated” investigations.

ACMA will look into whether or not Optus complied with the rules and regulations of sensitive data management, while OAIC wants to investigate the steps Optus took to protect customer data. Each investigation, the publication added, could result in a fine of up to $2.2 million, but it could take “some time” before any conclusion is reached.

Cooperating with the regulators

Optus said it is committed to working with the regulators on this issue, while ACMA chair Nerida O’Loughlin stressed the importance of trust: “When customers entrust their personal information to their telecommunications provider, they rightly expect that information will be properly safeguarded. Failure to do this has significant consequences for all involved,” she said.

Besides the two new investigations, Deloitte is also running an external review, while the Australian federal police is looking into who stole, and is trying to sell, the sensitive data.


Three weeks ago, Optus confirmed that data from both current and former customers had been accessed. The threat actors managed to obtain customer identity data, including names, dates of birth, phone numbers, and email addresses, of millions of people. Some customers have also had physical addresses and ID document numbers, such as driver’s license or passport numbers, exposed.

Optus did not state who was behind the attack, what the motives of the threat actor were, nor how the systems ended up being compromised (for example, with phishing, or malware). It did say that it managed to immediately shut the attack down.

It also declined to say how many customers might have been affected by the breach, but given its user base, the number could be as high as about 10 million individuals.

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
