Australia mulls tougher cybersecurity laws after data breach

Sep 25, 2022, 12:39 PM | Updated: Sep 26, 2022, 4:08 am
FILE - A customer waits for service at a Optus phone store in Sydney, Australia, Thursday, Oct. 7, ...

FILE - A customer waits for service at a Optus phone store in Sydney, Australia, Thursday, Oct. 7, 2021. The Australian government said on Monday, Sept. 26, 2022, it was considering tougher cybersecurity rules for telecommunications companies after Optus, the nation’s second-largest wireless carrier, reported personal data of 9.8 million customers had been breached. (AP Photo/Mark Baker, File)

(AP Photo/Mark Baker, File)

CANBERRA, Australia (AP) — The Australian government said on Monday it is considering tougher cybersecurity rules for telecommunications companies and blamed Optus, the nation’s second-largest wireless carrier, for an unprecedented breach of personal data from 9.8 million customers.

Optus said last Thursday it had become aware the day before of the cyberattack which obtained the details of 9.8 million people — of Australia’s population of 26 million.

Cybersecurity Minister Clare O’Neil told Australian Broadcasting Corp. the hack was an “unprecedented theft of consumer information in Australian history.”

For 2.8 million current and former Optus customers, the breach involved “significant amounts of personal data,” including driver’s licenses and passport numbers, O’Neil said.

Those 2.8 million people are at significant risk of identity left and fraud, she said.

“The breach is of a nature that we should not expect to see in a large telecommunications provider in this country,” O’Neil told Parliament.

In some countries, such a breach would result in fines “amounting to hundreds of millions of dollars,” O’Neil said.

Australian law doesn’t currently allow for Optus to be fined for the breach.

“A very substantial reform task is going to emerge from a breach of this scale and size,” O’Neil said.

“One significant question is whether the cybersecurity requirements that we place on large telecommunications providers in this country are fit for purpose,” she added.

Australian Federal Police said in a statement that reports the stolen data had already been sold were under investigation.

Australian investigators are working with overseas law enforcement agencies to determine who was behind the attack and to help shield the public from identity fraud, the statement said.

“To protect the integrity of the criminal investigation, the AFP will not divulge what information it has obtained in the first few days” of the investigation, police said.

Jeremy Kirk, a Sydney-based cybersecurity writer, said he used an online forum for criminals who trade in stolen data to ask someone who claimed to have downloaded the Optus information how it was accessed.

Optus appeared to have left an application programming interface, a piece of software known as an API that allows other systems to communicate and exchange data, open to the public, she said.

“It looks like it was a failure to secure the software system, so anybody on the internet could find it,” Kirk told Ten Network television.

O’Neil didn’t detail how the breach occurred, but described it as a “quite a basic hack.”

Optus had “effectively left the window open for data of this nature to be stolen,” she said.

O’Neil called on Optus to offer compromised customers free credit monitoring to protect them from identity theft, a request that the Sydney-based company complied with later on Monday.

Optus announced it was offering its “most affected” customers free 12-month subscriptions to Equifax Protect, a credit monitoring and identify protection service.

Optus said the information that had been accessed by an unidentified third party included customers’ names, dates of birth, phone numbers and email addresses.

Police and other government security agencies worked through the weekend to protect affected customers, O’Neil said.

Government agencies were also working with the banking sector to protect customers.

“This is complex. It’s legally and technically complex, but we are working on a solution,” O’Neil said.

Prime Minister Anthony Albanese described the breach as a “huge wake-up call for the corporate sector.”

Albany foreshadowed potential changes to privacy provisions so that banks can move more quickly to protect their own customers after such a breach.

“We know that in today’s world there are actors — some state actors, but also some criminal organizations — who want to get access to people’s data,” Albanese said.

Optus chief executive Kelly Bayer Rosmarin said in a statement last week that, “We are devastated to discover that we have been subject to a cyberattack that has resulted in the disclosure of our customers’ personal information to someone who shouldn’t see it.”

Copyright © The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

AP

House Speaker Nancy Pelosi of Calif., accompanied by Senate Majority Leader Sen. Chuck Schumer of N...
Mary Clare Jalonick, Associated Press

Bill protecting same-sex, interracial unions clears Congress

WASHINGTON (AP) — The House gave final approval Thursday to legislation protecting same-sex marriages, a monumental step in a decadeslong battle for nationwide recognition that reflects a stark turnaround in societal attitudes. President Joe Biden has said he will promptly sign the measure, which requires all states to recognize same-sex marriages. It is a relief […]
18 hours ago
FILE - A Boeing 747-8, Boeing's new passenger plane, takes its first flight, Sunday, March 20, 2011...
Associated Press

Boeing’s last 747 to roll out of Washington state factory

After more than half a century, Boeing is set to roll its last 747 out of a Washington state factory on Tuesday.
18 hours ago
FILE - Phoenix Mercury center Brittney Griner during the first half of Game 2 of basketball's WNBA ...
Associated Press

Griner freed: WNBA star swapped for Russian, heads home

WASHINGTON (AP) — American basketball star Brittney Griner headed home Thursday night, freed from Russian prison in exchange for the U.S. releasing notorious Russian arms dealer Viktor Bout in the culmination of an eight-month saga of high diplomacy and dashed hopes. But the U.S. failed to win freedom for another American, Paul Whelan, jailed in […]
18 hours ago
Supporters of Howard Johnson, 24, who was fatally shot by police in St. Paul, Minn., on Monday, hel...
Associated Press

St. Paul police release body, car camera video of shooting

ST. PAUL, Minn. (AP) — Police on Thursday released video from body and squad car cameras that they said shows an exchange of gunfire between a St. Paul officer and the man he fatally shot, but the family of the dead man said the images fell short of their calls for full transparency. Howard Johnson, […]
18 hours ago
Associated Press

US asks appeals court to reverse deportation law ruling

LAS VEGAS (AP) — The Justice Department on Thursday conceded that a 1929 law criminalizing entrance to the U.S. after deportation was motivated by racism but said subsequent revisions made it constitutional, as it urged an appellate court to overturn a Nevada judge’s landmark decision striking it down. In an August 2021 order, U.S. District […]
18 hours ago
Associated Press

Mexico City warrant for opposition legislator draws anger

MEXICO CITY (AP) — Mexico City prosecutors announced Thursday they have issued an arrest warrant for the top opposition legislator in the city’s assembly, drawing cries of political persecution. The issue is a sensitive one for Mayor Claudia Sheinbaum, who has been unable to jail anyone for the 2021 collapse of a city subway line […]
18 hours ago

Sponsored Articles

Comcast Ready for Business Fund...
Ilona Lohrey | President and CEO, GSBA

GSBA is closing the disparity gap with Ready for Business Fund

GSBA, Comcast, and other partners are working to address disparities in access to financial resources with the Ready for Business fund.
SHIBA WA...

Medicare open enrollment is here and SHIBA can help!

The SHIBA program – part of the Office of the Insurance Commissioner – is ready to help with your Medicare open enrollment decisions.
Lake Washington Windows...

Choosing Best Windows for Your Home

Lake Washington Windows and Doors is a local window dealer offering the exclusive Leak Armor installation.
Anacortes Christmas Tree...

Come one, come all! Food, Drink, and Coastal Christmas – Anacortes has it all!

Come celebrate Anacortes’ 11th annual Bier on the Pier! Bier on the Pier takes place on October 7th and 8th and features local ciders, food trucks and live music - not to mention the beautiful views of the Guemes Channel and backdrop of downtown Anacortes.
Swedish Cyberknife Treatment...

The revolutionary treatment of Swedish CyberKnife provides better quality of life for majority of patients

There are a wide variety of treatments options available for men with prostate cancer. One of the most technologically advanced treatment options in the Pacific Northwest is Stereotactic Body Radiation Therapy using the CyberKnife platform at Swedish Medical Center.
Work at Zum Services...

Seattle Public Schools announces three-year contract with Zum

Seattle Public Schools just announced a three-year contract with a brand-new company to the Pacific Northwest to assist with their student transportation: Zum.
Australia mulls tougher cybersecurity laws after data breach