Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Australia updates law to protect data after Optus hack

The Australian government has announced changes to its telecommunications law to protect vulnerable customers after personal details were stolen in a major cyberattack on the nation’s second-largest wireless carrier

Rod McGuirk
Thursday 06 October 2022 00:13 EDT

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

The Australian government announced changes Thursday to its telecommunications law to protect vulnerable customers after personal details were stolen in a major cyberattack on the nation’s second-largest wireless carrier.

The changes to Telecommunications Regulations allow Optus and other providers to better coordinate with financial institutions and governments to detect and mitigate the risk of cybersecurity incidents, fraud, scams and other malicious cyber activities, Treasurer Jim Chalmers and Communications Minister Michelle Rowland said in a joint statement.

“What this is all about is to try and reduce the impact of this data breach on Optus customers and to enable financial institutions to implement enhanced safeguards and monitoring,” Rowland told reporters.

More than one in three Australians had personal data stolen when Optus lost the records of 9.8 million current and former customers including passport, driver’s license and national health care identification numbers in a hack discovered on Sept. 21.

The hacker dumped the records of 10,000 of those customers on the dark web last week as part of an attempt to extort $1 million from Optus, a subsidiary of Singapore Telecommunications Ltd., also known as Singtel.

Optus ran full-page ads in Australian newspapers on Saturday under the headline: "We’re deeply sorry.”

The ad included a link to an Optus website that details actions customers can take to avoid identity theft and fraud.

The government can change regulations without reference to the Parliament. But the government hopes to pass changes to the Privacy Act through the Parliament during its final four sitting weeks of 2022 in response to the Optus breach.

The changes would include increased penalties for companies with lax cybersecurity protections and curbs on the quantities and types of customer data that businesses can amass, as well as the duration for which personal information can be kept.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in