Australia: Privacy Commissioner published determination against Optus over failure to protect personal information in data breach

Privacy Commissioner published determination against Optus over failure to protect personal information in data breach

On 11 June 2026, the Privacy Commissioner published the determination finding Singtel Optus in breach of Australian Privacy Principle 11.1 under the Privacy Act 1988, which requires any entity holding personal information to take reasonable steps to…

Scope

Policy Area

Data governance

Policy Instrument

Cybersecurity regulation

Regulated Economic Activity

infrastructure provider: internet and telecom services

Implementation Level

national

Government Branch

executive

Government Body

other regulatory body

Complete timeline of this policy change

Hide details

2021-08-06

under deliberation

On 6 August 2021, the Office of the Australian Information Commissioner announced an investigation …

2026-06-11

under investigation

On 11 June 2026, the Privacy Commissioner published the determination finding Singtel Optus in brea…

Description

Privacy Commissioner published determination against Optus over failure to protect personal information in data breach

Scope

Complete timeline of this policy change