Telecoms Data Breach Prompts Privacy Overhaul in Australia

26 September 2022, 14:00 GMT+0000
Updated by Geraint Price
26 September 2022, 14:00 GMT+0000
In Brief
  • Australia is primed to overhaul its privacy regulations, following a data breach at Optus, the country’s second largest telecommunications company.
  • Optus confirmed that the personal data of 10 million customers had been compromised, but that payment details and account passwords were not.
  • While an unidentified party requested $1 million in crypto for the data in an online forum, Optus neglected to authenticate the demand.
  • promo

Australia has announced its intentions to bolster privacy regulation following a data breach at the country’s second-largest telecoms firm.

The personal data of up to 10 million customers, some 40% of the population, has been compromised by hackers, reported Optus, which is owned by Singapore Telecoms Ltd. While Optus stressed that payment details and account passwords remained secure, some customers have had their home addresses, drivers’ licenses and passport numbers exposed. 

Those whose driving licenses or passport numbers were stolen have been alerted, the telco said, adding that it would provide the most affected customers free credit monitoring and identity protection through credit agency Equifax for a year. 

While the company neglected to explain how the security breach occurred, it said that the attacker’s IP address seemed to move throughout countries across Europe. According to local reports, an unidentified party had requested $1 million in cryptocurrency in exchange for the data in an online forum, though Optus had not confirmed its authenticity. 

“Huge wake-up call” – prime minister

In response to one of the country’s largest data breaches, the prime minister, Anthony Albanese, urged the passage of more accountable privacy regulations that would force companies to notify banks faster when they experience cyberattacks.

/Related

More Articles

Calling the incident “a huge wake-up call” for the corporate sector, Albanese acknowledged that some state actors and criminal groups want access to people’s data.

“We want to make sure… A that we change some of the privacy provisions there so that if people are caught up like this, the banks can be let know, so that they can protect their customers as well,” he told radio station 4BC.

Meanwhile, cybersecurity minister Clare O’Neil held Optus responsible for the breach. She emphasized that such lapses in other jurisdictions would result in fines upwards of hundreds of millions of dollars, such as laws in Europe that penalize companies 4% of global revenue for privacy breaches.

“One significant question is whether the cybersecurity requirements that we place on large telecommunications providers in this country are fit for purpose,” O’Neil told parliament.

Crypto scams on the rise in Australia

Although this instance is more a potential case of ransomware, Australians have lost over AU$242.45 million to crypto and investment scams so far this year, according to recent ScamWare data.

In response, a new division of the Federal Police was recently established in Australia to combat virtual asset-based money laundering. Stefan Jerga, the national head of criminal confiscation at the Australian Federal Police (AFP), revealed that the new task force has already surpassed its 2024 goal to curtail AU$600 million in illicit proceeds.

Disclaimer

BeInCrypto has reached out to company or individual involved in the story to get an official statement about the recent developments, but it has yet to hear back.