Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

Australia: Optus suffers cyberattack placing customer data at risk

Singtel Optus Pty Limited issued, on 22 September 2022, a press release noting that it had suffered a cyberattack in connection to which it is investigating the unauthorised access of current and former customers’ information. In particular, Optus, the telecommunications company, stated that upon its discovery of the cyberattack, which may have exposed among other things, customers’ names, dates of birth, phone numbers, email addresses, addresses, and ID document numbers, it had immediately shut down the attack and had notified the relevant authorities, including the Office of the Australian Information ('OAIC') and the Australian Cyber Security Centre ('ACSC'). Further to this, Optus expressed that it is working with the ACSC to mitigate risks to customers and will be updating its website with relevant information for customers regarding the breach. 

You can read the press release here

UPDATE (23 September 2022)

The ACSC flags Optus customer notification following cyberattack

The ACSC issued, on 23 September 2022, that Optus had notified customers of the cyberattack compromising customer information. In this regard, the ACSC noted further steps affected customers can take to mitigate risks in connection to the compromise of their personal information. 

You can read the press release here

UPDATE (26 September 2022)

OAIC advises customers on Optus data breach

The OAIC issued, on 26 September 2022, a statement on the Optus data breach, advising customers to continuously check the Optus website for updates and contact the company if needed. Additionally, the OAIC pointed to a number of resources with information on how customers can take steps to mitigate against risks from data breaches, including its guide on responding to a data breach notification, IDCARE, a fact sheet developed by the national identify and cyber support service, and the Scamwatch website. Furthermore, the OAIC noted that customers that have been affected by the data breach may make a privacy complaint to the OAIC, however they should ensure a complaint is made to Optus first. 

You can read the press release here.