Security News > 2022 > October > Optus data breach prompts pincer movement of twin regulatory probes

Australian carrier Optus's recent data breach will be investigated by two regulators, the double trouble likely an indicator of the nation's displeasure at the incident - which saw almost ten million locals' personal data exposed online.

One of the probes will be conducted by the Australian Communications and Media Authority, which will ponder "Obligations relating to the acquisition, authentication, retention, disposal and protection of personal information, and requirements to provide fraud mitigation protections." The Authority's chair, Nerida O'Loughlin, said "A key focus for the ACMA will be Optus's compliance with these obligations."

Significant customer data exposed in attack on Australian telco.

The data exposed in this breach appears to have been captured in line with obligations to verify the identity of telecommunications services customers - a measure aimed at preventing fraud and making it harder for criminals to acquire and use comms services anonymously.

Identity as a service is therefore now being discussed down under, with a third party repository of data suggested as a better alternative to individual businesses recording and storing details of personal documents.

Aadhaar has also been contentious as the colossal data trove it tends has been the target of attacks and leaks on a scale orders of magnitude greater than the Optus incident.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/10/11/optus_acma_oaic_dual_probes/