After hackers targeted the second-largest telecom company in the nation, Australia aims to modify privacy laws to enable banks to be alerted to cyberattacks on corporations more quickly, Prime Minister Anthony Albanese said on Monday.
One of Australia’s largest data breaches affected up to 10 million customers, or roughly 40% of the country’s population, according to a statement made last week by Optus, a company owned by Singapore Telecoms Ltd.
The company claimed that the attacker’s IP address, or the distinctive identifier of a computer, appeared to move between European nations, but it would not specify how security was compromised.
According to Albanese, some state actors and criminal organizations wanted access to people’s data. He called the incident “a huge wake-up call” for the corporate sector.
He said to radio station 4BC, “We want to make sure… that we change some of the privacy provisions there so that if people are caught up in this way, the banks can be informed, so that they can protect their customers as well.
In order to address a complex legal and technical issue, Cybersecurity Minister Clare O’Neil told parliament that “very substantial” reform work lay ahead.
One important question, according to her, is whether the country’s stringent cyber security regulations for big telecommunications companies are actually necessary.
A data breach of this size would incur fines totaling hundreds of millions of dollars in other jurisdictions, according to the statement.
A company spokesperson said in an email that Optus has informed customers whose passport or driver’s license numbers have been compromised. Passwords to accounts and payment information were not stolen, it continued.
In order to strengthen its cyber defenses, Australia promised in 2020 to spend A$1.66 billion ($1.1 billion) over the following ten years to improve the network infrastructure of businesses and residences.
