Australia’s privacy commissioner has launched an investigation into an Optus data breach that saw the personal details of 50,000 customers published in the White Pages.
The Office of the Australian Information Commissioner (OAIC) opened the formal probe on Friday, close to two years after the Singtel-owned telco disclosed the data leak to customers.
The incident saw the names, addresses and mobile phone numbers mistakenly sent to Sensis and published in online (and potentially print) versions of its directories.
Optus took to snail mail in 2019 to notify affected customers of the leak, which it blamed on a “system error”.
OAIC said the action follows preliminary inquiries into “data breaches involving publication of Optus customer details in probe the White Pages” against the request of customers.
“The public disclosure of personal information against the wishes of individuals may have the potential to cause harm,” the watchdog said in a brief statement.
“The OAIC’s investigations can determine whether such matters involve systematic issues that can be prevented by ensuring the right practices are in place.
“In line with the OAIC’s Privacy Regulatory Action Policy, no further comment will be made while the investigation is ongoing.”
A spokesperson for Optus said the teclo would “continue to work collaboratively with the OAIC on this historic matter” and that it takes the protection of customer’s data “very seriously”.
Optus is also facing a class action lawsuit over the data leak, which Maurice Blackburn Lawyers considers the “first class action against a telco seeking compensation for a breach of privacy”.
“Until now no class action using the Act has been brought on behalf of customers seeking compensation,” it said in April 2020.
Earlier this year, OAIC ordered the Department of Home Affairs to compensate 1300 asylum seekers for inadvertently publishing their personal information online in 2014.