Aus flags data security reforms after telecommunications breach - Canberra News
by IANS | Updated Sep 27, 2022
On September 22, Optus, Australia's second-largest mobile network operator, announced a cyber attack has exposed the data of up to 10 million current and former customers, with 2.8 million people significantly affected, reports Xinhua news agency.
Addressing the breach, O'Neil refuted Optus' claim that the attack was a sophisticated operation, describing it as "basic."
"We should not have a telecommunications provider in this country which has effectively left the window open for data of this nature to be stolen," she told Australian Broadcasting Corporation (ABC) television in an interview.
On Monday night, the hacker released records of 10,000 customers and threatened to continue doing so until Optus pays a ransom.
O'Neil flagged "very substantial" reforms to prevent further attacks and increase the penalties for companies with poor security.
According to a Guardian report, under the current Privacy Act fines are capped at A$2.2 million, a figure O'Neil said was "totally inappropriate", noting that in other jurisdictions such a breach would "result in fines amounting to hundreds of millions of dollars."
"Responsibility for the security breach rests with Optus and I want to note that the breach is of a nature that we should not expect to see in a large telecommunications provider in this country," she said in Parliament.
"I really hope this reform task is something we can work on collaboratively across Parliament."