Australia will introduce laws to parliament to increase penalties for companies subject to major data breaches, Attorney-General Mark Dreyfus said, after high-profile cyberattacks hit millions of Australians in recent weeks.
Australia’s telco, financial and government sectors have been on high alert since Singtel-owned Optus, the country’s second-largest telco, disclosed on September 22 a hack that saw the theft of personal data from up to 10 million accounts.
For the latest headlines, follow our Google News channel online or via the app.
That attack was followed this month by a data breach at health insurer Medibank Private, which covers one-sixth of Australians, resulting in personal information of 100 customers being stolen, including medical diagnoses and procedures, as part of a theft of 200 gigabytes of data.
Dreyfus, in an official statement issued on Saturday, said the government would next week move to “significantly increase
penalties for repeated or serious privacy breaches” with amendments to privacy laws.
The proposed changes would lift maximum penalties for serious or repeated privacy breaches from the current A$2.22 million ($1.4 million) to the greater of A$50 million, three times the value of the benefit obtained through the misuse of information, or 30 percent of turnover in the relevant period, he said.
When Australians were asked to hand over personal data to companies, they had a right to expect it would be protected, the
“Significant privacy breaches in recent weeks have shown existing safeguards are inadequate. It’s not enough for a penalty for a major data breach to be seen as the cost of doing business,” Dreyfus said.
“We need better laws to regulate how companies manage the huge amount of data they collect, and bigger penalties to incentivize better behavior.”
The announcement comes after the government earlier this month revealed plans to overhaul consumer privacy rules that would help facilitate targeted data sharing between telecommunication firms and banks following the breach at Optus.
In the wake of Optus attack, two Australian regulators opened investigations into the company, which has come under heavy fire for not preventing the hack, one of the biggest on record in Australia.
Australia subject to ‘state-based’ cybersecurity attack: PM MorrisonThe Australian government and other organizations are being targeted by a “sophisticated state-based cyber actor”, Prime Minister Scott Morrison said ... World News
Albania suffers renewed cyberattack, blames Iran: Interior ministryAlbania has suffered a renewed cyberattack, the country’s interior ministry said on Saturday, blaming Iran which Tirana also accused of an earlier ... World News
Japan probes possible involvement of pro-Russian group in cyberattackJapan is investigating the possible involvement of a pro-Russian group following the failure of multiple government websites, Chief Cabinet Secretary ... World News
Major cyberattack targets Montenegro governmentA major cyberattack has targeted government institutions in Montenegro, Prime Minister Dritan Abazovic announced, with Russia the chief suspect.The ... World News
Estonia says it repelled major cyberattacks after removing Soviet monumentsEstonia has repelled “the most extensive cyberattacks since 2007,” it said on Thursday, shortly after removing Soviet monuments in a region with an ... World News
Finland parliament website targeted in cyber attackFinland’s parliament said Tuesday its website came under cyber-attack, as the Nordic country applies for NATO membership following Moscow’s invasion ... World News
Cyberattack hits UK National Health Service’s 111 emergency lineA major cyber attack is delaying response times on the NHS 111 telephone service in the UK that’s used for medical emergencies, the Telegraph reported ... World News