Australian telecom Optus has been hit by a class action lawsuit from over 100,000 current and former customers following its cybersecurity breach.
According to Reuters, the class action members want compensation for the time and money they spent replacing their identity documents and for the distress, frustration, and disappointment caused by the cybersecurity breach. However, they have not specified an amount.
Slater and Gordon class actions practice group leader Ben Hardwick said the breach had potentially put customers at risk of domestic violence and other crimes, noting that one of the class action members is a victim of stalking and fears her life is in danger.
“Very real risks were created by the disclosure of this private information that Optus customers had every right to believe was securely protected by their telecommunications and internet provider,” Hardwick said.
Reuters said Optus has not yet received any court documents on the issue, but it will defend itself in the class action.
Last year, Optus suffered a massive cyber breach that compromised millions of customers' information.
In its previous announcement, the telecom offered assurances that payment details and account passwords were not compromised. It also shut down the attack, immediately notified the Australian Federal Police, and worked with the Australian Cyber Security Centre (ACSC) on the issue.
A few days after the breach, Optus confirmed authorities were investigating an online ransom demand.
The cyber breach led to intensified calls to address cyber insurance gaps in Australia – with the Insurance Council of Australia (ICA) stating that one of the limitations for insurers writing cyber insurance was the lack of available data.
“[The] extraordinary cyberattack on Optus and its customers demonstrates how important it is for large and small organisations to have robust cyber protections in place. This chilling example reminds us that more needs to be done to protect businesses and organisations from cyberattacks,” ICA CEO Andrew Hall said in a previous statement. “Working in partnership with government, insurers have a key role to play to help businesses protect themselves and recover from cyberattacks.”
