Australian authorities file proceedings against Singtel’s Optus, allege cyberattack-linked breaches

[SINGAPORE] The Australian Information Commissioner (AIC) on Friday (Aug 8) filed proceedings in the country’s federal court against Optus over alleged breaches linked to the cyberattack against the Singtel subsidiary in 2022.

The AIC is alleging breaches of Australia’s Privacy Act 1988 in relation to the incident in September that year, which resulted in a leak of the personal identification data of some 2.1 million Optus customers, said Optus in a bourse filing.

“The Optus entities will review and consider the matters raised in the proceedings, and will respond to the claims made by the AIC in due course,” said Singtel’s Australian unit.

Optus, the second-largest telco in Australia, said it does not know the quantum of penalties that will be imposed, which is for the federal court to determine.

If a contravention is found, the court will consider a number of factors and “apply a penalty amount it determines overall as appropriate, based on the events that occurred”, Optus said.

The group noted that the penalty amount is “not necessarily a direct calculation based on the number of contraventions”.

SEE ALSO

Optus’ performance in spotlight at Singtel AGM

Singtel’s Optus reaches settlement over alleged sales misconduct, including A$100 million proposed penalty

DECODING ASIA

Navigate Asia in
a new global order

Get the insights delivered to your inbox.

“As the matter is now before the Australian courts, the Optus entities will not be commenting further at this time.”

Singtel shares closed 0.7 per cent or S$0.03 lower at S$3.98 on Friday.