Optus data breach incident far from over
Further to our recent article on Optus’ data breach here’s a quick update. Customers affected by Optus’ data breach are still far from being safe from hackers.
What now?
Recent Optus developments demonstrate just how far these incidents can spread:
- On 8 November 2022, Optus offered its customers a free 12 month subscription to Equifax Protect, to assist in credit monitoring and identity protection. This was offered in an attempt to limit the risk of identity theft and financial loss.
- Only 3 days later, on 11 November 2022, Optus warned of an SMS phishing campaign targeting individuals impacted by its recent cyberattack. Affected individuals have received an SMS claiming to be from Equifax, which aligns with Optus’ offer. However, the link is actually a malicious link, asking individuals to verify their identity using credit card information.
New phishing attempts causing further damage
Optus’ data breach is and remains a timely reminder to stay vigilant and keep an eye out for phishing attempts and scams.
Optus is still contacting customers who may or may not have been affected, and the spread of the data breach is continually increasing.
Optus is also currently being investigated by the Office of the Australian Information Commissioner and is likely to face penalties of up to $2.2 million for each breach of the Australian Privacy Act, as well as penalties from the Australian Communications and Media Authority.
Optus’ experience clearly shows that data breach incidents can extend beyond the original cyberattack. Consumers are now much more hesitant when providing any personal information to businesses and need to feel that the business is taking appropriate action to protect their information.
The Optus data breach has also accelerated the push for increased penalties for breaches of the Privacy Act. The proposed increase for business penalties is the greater of $50 million, 3 times any benefit obtained through the misuse of the data, or 30% of the entity’s adjusted revenue in the relevant period.
Need more information or assistance? We can help!
Given the increased focus on privacy and data protection, and the imminent proposed penalty increase, there are a few things you need to consider.
The information contained in this article is general in nature and cannot be relied on as legal advice nor does it create an engagement. Please contact one of our lawyers listed above for advice about your specific situation.
more
insights
Spotlight on Real Estate: Anti-Money Laundering and Counter-Terrorism Financing Regime
Professional Services face extra compliance requirements as Anti-Money Laundering and Counter-Terrorism Financing Regime gets green light
AI adoption in business: Unveiling the Senate’s blueprint for regulation
stay up to date with our news & insights
Optus data breach incident far from over
Further to our recent article on Optus’ data breach here’s a quick update. Customers affected by Optus’ data breach are still far from being safe from hackers.
What now?
Recent Optus developments demonstrate just how far these incidents can spread:
- On 8 November 2022, Optus offered its customers a free 12 month subscription to Equifax Protect, to assist in credit monitoring and identity protection. This was offered in an attempt to limit the risk of identity theft and financial loss.
- Only 3 days later, on 11 November 2022, Optus warned of an SMS phishing campaign targeting individuals impacted by its recent cyberattack. Affected individuals have received an SMS claiming to be from Equifax, which aligns with Optus’ offer. However, the link is actually a malicious link, asking individuals to verify their identity using credit card information.
New phishing attempts causing further damage
Optus’ data breach is and remains a timely reminder to stay vigilant and keep an eye out for phishing attempts and scams.
Optus is still contacting customers who may or may not have been affected, and the spread of the data breach is continually increasing.
Optus is also currently being investigated by the Office of the Australian Information Commissioner and is likely to face penalties of up to $2.2 million for each breach of the Australian Privacy Act, as well as penalties from the Australian Communications and Media Authority.
Optus’ experience clearly shows that data breach incidents can extend beyond the original cyberattack. Consumers are now much more hesitant when providing any personal information to businesses and need to feel that the business is taking appropriate action to protect their information.
The Optus data breach has also accelerated the push for increased penalties for breaches of the Privacy Act. The proposed increase for business penalties is the greater of $50 million, 3 times any benefit obtained through the misuse of the data, or 30% of the entity’s adjusted revenue in the relevant period.
Need more information or assistance? We can help!
Given the increased focus on privacy and data protection, and the imminent proposed penalty increase, there are a few things you need to consider.