The Australian regulator has initiated legal proceedings against Optus after a 2022 data breach compromised the personal information of 9.5 million Australians. This incident emphasizes the importance of robust data security measures and compliance with privacy laws for organizations handling sensitive data. #Optus #Breach #PrivacyAct1988
Keypoints
- Optus experienced a significant data breach affecting nearly 10 million customers in 2022.
- The breach involved sensitive information such as names, addresses, government IDs, and health details.
- The Australian Information Commissioner has filed civil action against Optus, citing breaches of the Privacy Act.
- The court may impose substantial penalties, with fines potentially reaching up to millions of dollars per contravention.
- The attackers exploited a misconfigured API, which allowed unauthorized access without authentication.
Read More: https://www.infosecurity-magazine.com/news/australian-regulatory-sues-optus/