Following a big data breach at Optus, the country’s second-largest mobile provider, Australia suggested an update of consumer privacy legislation on Thursday that will assist permit targeted data exchange between telecommunication corporations and banks.
The cyber assault on Optus, which is owned by Singapore Telecommunications Ltd (Singtel), last month was one of Australia’s largest data breaches, compromising the data of up to 10 million subscribers, including home addresses, driver’s licence numbers, and passport numbers.
Telcos will be permitted to exchange government-issued identity papers with banks in order to undertake improved monitoring for clients affected by data breaches as a result of the amendments.
“They’ve been carefully developed with strong privacy and security measures to guarantee that only limited information may be made temporarily available to prevent and respond to cyber security problems, fraud, scams, and associated activities,” Treasurer Jim Chalmers said during a press conference.
He stated that the administration will make a recommendation to the governor-general to alter the privacy regulations.
The proposed improvements will also enable more fraud detection in the broader financial services sector by utilising existing industry methods for reporting illegal transactions, such as fraud information exchanges.
Due to data security concerns, Chalmers stated that the government will not reveal the names of financial institutions that get data from Optus.
When information is no longer necessary, banks must destroy it, and it may only be used to prevent or respond to cyber security problems, fraud, scam activity, or identity theft, according to the treasurer.
Since the Optus cyber assault, Australia’s telecommunications, banking, and government sectors have been on high alert, and amendments to privacy legislation have been recommended to assist institutions to take rapid action to avoid fraudulent transactions.
The Australian government, which believes the Optus breach was caused by a fundamental security flaw, has chastised the business for portraying the assault as sophisticated and for failing to notify impacted consumers.