AAPT and Melbourne IT face investigation by the federal privacy watchdog over a data breach that could involve as much as 40 GB of customer data.
"Today I opened an investigation into AAPT and Melbourne IT after customer data had been compromised in a recent hacking attack," Privacy Commissioner Timothy Pilgrim said in a brief statement.
"I will look at whether their practices were consistent with the Privacy Act at the time of the incident."
A 12-month-old backup of AAPT business website was compromised by hackers on July 25.
Hackers retrieved two "historic" data files from a dedicated server, hosted by Melbourne IT, which they accessed via an unpatched Adobe Cold Fusion vulnerability.
AAPT said at the time that "limited personal customer information" was compromised.
However, a subset of data including customer names, addresses and phone numbers, was leaked to the Pastebin website.
Some records included details from Federal Government agencies.
The same hackers also defaced Queensland Government websites hosted by Melbourne IT. The departments also faced a data breach, with contact and other database information posted online.