Australia mulls tougher cybersecurity laws after data breach – The Australian government announced on Monday that it is considering tougher cybersecurity rules for telecommunications companies, following the disclosure by Optus, the country’s second-largest wireless carrier, that personal data of 9.8 million customers had been compromised.Optus said Thursday that it was made aware of the cyberattack the day before, which compromised the personal information of 9.8 million people in Australia’s population of 26 million.
According to Cybersecurity Minister Clare O’Neil, the breach involved “significant amounts of personal data” in the cases of 2.8 million current and former Optus customers.
“This is a breach of a magnitude that we should not expect to see in a large telecommunications provider in this country,” O’Neil said.In some countries, such a violation would result in fines “in the hundreds of millions of dollars,” according to O’Neil.Optus cannot currently be fined for the breach under Australian law.”A breach of this scale and size will result in a very significant reform task,” O’Neil predicted.”One significant question is whether the cybersecurity requirements we impose on large telecommunications providers in this country are appropriate,” she added.
O’Neil demanded that Optus provide compromised customers with free credit monitoring to protect them from identity theft, a request that the Sydney-based company met later that day.Optus announced a 12-month free subscription to Equifax Protect, a credit monitoring and identity protection service, for its “most affected” customers.According to Optus, the information accessed by an unidentified third party included customers’ names, dates of birth, phone numbers, and email addresses.
Personal data for a minority included identification documents such as driver’s licence and passport numbers.O’Neil said that police and other government security agencies had worked all weekend to protect affected customers.To protect customers, government agencies collaborated with the banking industry.
“This is complicated. “It’s legally and technically complicated, but we’re working on a solution,” O’Neil explained. Albany hinted at potential changes to privacy provisions so that banks can act more quickly to protect their own customers in the aftermath of such a breach.”In today’s world, we know that there are actors — some state actors, but also some criminal organisations — who want access to people’s data,” Albanese told Brisbane Radio 4BC.
“We are devastated to discover that we have been subjected to a cyberattack that has resulted in the disclosure of our customers’ personal information to someone who shouldn’t see it,” Optus CEO Kelly Bayer Rosmarin said in a statement last week.The breach, according to Prime Minister Anthony Albanese, is a “huge wake-up call for the corporate sector.”