Optus Faces 2022 Data Breach Lawsuit Initiated by Australian Information Commissioner
Published
- Optus compromise: AIC has accused telecom operator Optus of violating the Privacy Act 1988.
- 2022 breach: About 10 million Australians were affected, which translates into roughly 40% of the population.
- What was exposed: Customers’ home addresses, passport details, and phone numbers are among the compromised details.
Australia’s privacy regulator has filed a lawsuit against Optus, the telecommunications giant owned by Singapore Telecommunications (Singtel), for its alleged failure to safeguard customer data during the 2022 data breach.
Both parties confirmed on Friday that sensitive information belonging to 9.5 million customers was compromised, including home addresses, passport details, and phone numbers, according to Reuters. Â
Details of the Lawsuit Â
The Australian Information Commissioner (AIC) has initiated legal proceedings against Optus, accusing the company of violating the Australia Privacy Act 1988, which concerns how government agencies and private entities handle personal information.Â
Each affected customer represents a potential violation, allowing the court to impose fines of up to AU$2.2 million (over US$1.4 million) per breach. However, the precise damages being sought have not yet been disclosed. Â
The proceedings target Singtel Optus Pty Ltd and Optus Systems Pty Ltd. The carrier, which is one of Singtel's key overseas investments, stated it is reviewing the claims but has not yet determined the financial implications. Â
Broader Impact of the Breach Â
The 2022 data breach, considered to be among the worst in Australia’s history, disrupted services for millions, with customers unable to access mobile, broadband, and landline functions.Â
Lasting ramifications have included public backlash, regulatory scrutiny, and the resignation of Optus CEO Kelly Bayer Rosmarin in late 2023 after further operational challenges. In 2024, Bloomberg reported the Volt Typhoon hacker group was allegedly behind a new breach at Singtel.
This data breach has also catalyzed discussions on enhancing cybersecurity regulations within Australia. Prime Minister Anthony Albanese has called for stricter privacy laws, including provisions for faster breach notifications to mitigate damage from similar incidents. Â
In May, telecom giants AT&T, T-Mobile, and Verizon were scrutinized for failing to notify lawmakers of surveillance requests.
Related
Get expert insights on threats, breaches, scams, and security trends — delivered every Saturday.
Most Popular
Get expert insights on threats, breaches, scams, and security trends — delivered every Saturday.
Most Popular