Personal Data Leak at Industry's No. 2 Telecom on 22nd Last Month
Damage Worsens as Information of Former Customers Who Terminated Contracts Is Also Retained
Since the hacking incident of Australian mobile carrier Optus on the 22nd of last month (local time), victims have been actively replacing their identification cards. The photo shows an Optus sign hanging in a store in Sydney, Australia. Photo by AP Yonhap News
[Asia Economy Reporter Kim Hyunjung] Since the large-scale hacking incident that occurred in Australia on the 22nd of last month, victims concerned about identity theft have been reissuing their identification cards.
According to a report by the UK Guardian on the 30th of last month (local time), one in three Australians affected by this hacking incident could be exposed to crimes such as identity theft or financial fraud, leading millions of people to replace their identification cards, including driver's licenses and passports.
Optus, the victim of the hacking attack, is the second-largest telecommunications company in Australia and a subsidiary of Singtel, Singapore's largest telecom company. Kelly Bayer Rosmarin, CEO of Optus, held a press conference on the 22nd of last month and disclosed that personal information of approximately 9.8 million people was leaked due to the hacking. The leaked personal information includes names, dates of birth, phone numbers, addresses, and details of passports and driver's licenses.
The scale of the data breach increased because Optus had retained personal information of former customers who had already terminated their contracts for several years.
In response, the Australian government is holding Optus accountable for this issue and is also considering imposing fines on companies with inadequate personal data protection at the level of the European Union (EU).
Currently, the maximum fine for personal data breaches in Australia is 2.2 million Australian dollars (approximately 2.03 billion Korean won). However, if penalties are strengthened to the EU level, companies could be fined up to 4% of their annual revenue. Optus's revenue last year was about 7 billion Australian dollars (approximately 6.5 trillion Korean won).
Australian Prime Minister Anthony Albanese stated on the 30th of last month (local time) regarding the hacking incident, "This is unacceptable," and added, "Optus has agreed to cover the costs for victims to replace their passports." He further said, "Australian companies must do everything possible to protect personal information, so we will work to strengthen the Privacy Act."
On the same day, the Australian Federal Police (AFP) announced that they had launched a special operation to protect the identities of 10,000 victims whose information had already been distributed online.
Meanwhile, a hacker claiming to be 'OptusData,' who asserted responsibility for the incident, posted online immediately after the event, stating, "We are businessmen. If Optus buys the data, we will sell it exclusively for 1 million US dollars (approximately 1.43 billion Korean won)." The hacker also threatened to leak information of 10,000 people daily until the ransom was paid. However, as Optus and the federal government took active measures, the hacker changed their mind, saying, "We deeply apologize. There are too many eyes watching, so we will not sell the data to anyone."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
