Share this article on:
National plaintiff firm Slater and Gordon is looking into a possible data breach class action against Optus, in the wake of “potentially the most serious privacy breach in Australian history”.
Editor’s note: This story originally appeared on Cyber Security Connect’s sister brand, Lawyer’s Weekly.
In a statement issued on Monday afternoon, Slater and Gordon announced that it is investigating the initiation of proceedings against telco giant Optus, on behalf of current and former customers who have been affected by the unauthorised access to customer data announced by the company on 22 September 2022.
Speaking about the firm’s investigation, Slater and Gordon senior associate Ben Zocco said that while the circumstances that led to the breach and the scope of customer data unlawfully obtained were yet to be confirmed by Optus, the consequences could potentially be significant for some customers, and that the national plaintiff firm is assessing possible legal options for affected customers.
“This is potentially the most serious privacy breach in Australian history, both in terms of the number of affected people and the nature of the information disclosed,” Zocco said.
“We consider that the consequences could be particularly serious for vulnerable members of society, such as domestic violence survivors, victims of stalking and other threatening behaviour, and people who are seeking or have previously sought asylum in Australia.
“Given the type of information that has been reportedly disclosed, these people can’t simply heed Optus’ advice to be on the lookout for scam emails and text messages,” Zocco continued.
“Very real risks are created by the disclosure of their personally identifiable information, such as addresses and phone numbers.
“For other affected customers, the impact may be less serious. However, the fact that some customers appear to have had identification information such as drivers’ licence and passport numbers disclosed is extremely concerning,” Zocco went on.
“This information alone would go a long way in allowing a criminal to steal an affected customer’s identity.”
Slater and Gordon has extensive experience in mass claims arising out of privacy law, including having acted for class members in a landmark representative data breach case against the Australian government on behalf of thousands of asylum seekers whose personal information were leaked online in 2014.
“We are continuing to explore potential legal avenues for affected customers,” Zocco noted, adding that those impacted should “remain vigilant” and look out for suspicious account activity or contact by email, SMS and phone.
[Related: Optus hacked; customers warned to check in with their banks after personal data exposed]