Australia: Announced AIC cybersecurity investigation into Optus following breach

On 11 October 2022, the Office of the Australian Information Commissioner (AIC) in coordination with Australian Communications and Media Authority (ACMA) opened an investigation into Singtel Optus Pty Ltd, Optus Mobile Pty Ltd and Optus Internet Pty Ltd (Optus). The investigation specifically concerns the data breach declared by Optus on 22 September 2022. The AIC and ACMA wish to confirm whether Optus took "reasonable steps" to protect the data of its customers and implement security systems that follow Australian Privacy regulations. If the investigation cannot confirm the required due diligence, the Commissioner may fine each inference AUD 2.2 million.