Data security laws questioned after Optus cyber attack
Share
The federal opposition states that the cyber attack on Optus, which has compromised millions of customers’ private information, is a dramatic wake-up call for the government on its data security laws.
Optus has confirmed that its customers’ names, dates of birth, phone numbers, email addresses, driver’s licence numbers, passport numbers or addresses could have been accessed in the attack. However, payment details and account passwords have not been compromised.
The telecommunications company said it was working with the Australian Cyber Security Centre to limit the risk to both current and former customers. Australian Federal Police, the Office of the Australian Information Regulator and other key regulators have also been notified.
While the government has initiated a review into data security laws in connection to social media platforms like TikTok, opposition communications spokeswoman Sarah Henderson said it won’t be completed until next year.
“This is all too little, too late,” she said.
“Rather than kick the can down the road, Labor must urgently consider all regulatory options and act immediately to improve the privacy and safety of Australians online.”
Related: ACCC warns Optus breach exposes users to fraud
Optus chief executive Kelly Bayer Rosmarin said in a statement that as soon as the telco learned of the attack it took action to block it and began an investigation.
“While not everyone may be affected and our investigation is not yet complete, we want all of our customers to be aware of what has happened as soon as possible so that they can increase their vigilance,” she said.
“We are very sorry and understand customers will be concerned. Please be assured that we are working hard … to help safeguard our customers as much as possible.”
Scamwatch has advised Optus customers to secure their personal information by changing online account passwords and enabling multi-factor authentication for banking.
Affected customers should also place limits on bank accounts, monitor for any unusual activity and request a ban on credit reports if any fraud is suspected.
Senator Henderson said the opposition had for months been calling on the Albanese government to deliver tougher online privacy and data protection laws.
In July, it called on Labor to adopt the coalition’s Online Privacy Bill and earlier this month, she and other opposition MPs had criticised the government for failing to strengthen laws.
The Office of the Australian Information Commissioner said it would engage with Optus to ensure compliance with the requirements of the Notifiable Data Breaches scheme.
Under the framework, organisations covered by the Privacy Act must notify affected individuals as quickly as possible if they experience a data breach likely to result in serious harm.
With AAP
Eliza is a content producer and editor at Public Spectrum. She is an experienced writer on topics related to the government and to the public, as well as stories that uplift and improve the community.
Today’s Pick
11th Annual Aus Goverment Data Summit
April 1, 2025
7th Annual NZ Government Data Summit
May 7, 2025
3rd Public Sector Comms Week
May 14, 2025
Subscribe
We send emails,
but we do not spam
Join our mailing list to be on the front lines of healthcare , get exclusive content, and promos.
AI appointment Australia Australian boost boosts business businesses covid-19 cyber attack cybersecurity cyber security data data breach data management defence Digital employment enhance enhances fraud funding governance government grants Healthcare infrastructure Innovation Lockdown management new zealand NSW NZ online public Public Sector queensland renewable energy scams security Social Media Technology telecommunications victoria WA
Last Viewed