Australian regulators have opened an investigation into telecoms provider Optus after a cyberattack compromised personal data from 10 million customer accounts.
The Australian Communications and Media Authority (ACMA) will examine whether Optus has been meeting its data security obligations.
Parent company Singtel is to be put under similar scrutiny by The Office of the Australian Information Commissioner (OAIC), just days after another cyberattack on its Australian-based Dialog unit.
The probes only add to Optus’s problems, which disclosed the breach on September 22 and has since come under heavy fire from the government and the public for not preventing the massive cyberattack.
Cyber Clampdown
Amid the widening fallout, the federal government has flagged it will overhaul data security laws.
This will force firms which have suffered a cyberattack to notify banks about customers who may be compromised. Several law firms are also considering filing class action lawsuits.
The OAIC said in a statement if it finds that “interference with the privacy of one or more individuals has occurred”, it may force Optus to take steps to ensure the breach cannot be repeated.
The agency added that if it finds there was a breach of Australian privacy law, it can seek civil penalties of up to A$2.2 million ($1.4 million) per contravention.
- Reuters, with additional editing from Alfie Habershon
Read more:
Singtel Unit Hit by Cyber Attack Weeks After Optus Breach
Canberra Says Optus Should Pay for New Passports After Hack
Australian Government Blames Phone Giant for Huge Data Hack