[BreachExchange] Optus faces class action after 50k customers' details sent to White Pages

Destry Winant destry at riskbasedsecurity.com
Tue Apr 28 10:08:53 EDT 2020


Lawyers test Privacy Act.

Optus is facing a class action lawsuit over the mistaken publication
of 50,000 customers’ details in phone directories, which the telco
disclosed late last year.

Maurice Blackburn Lawyers filed the complaint and said it is “the
first class action against a telco seeking compensation for a breach
of privacy.”

“In what is an important test of Australia’s privacy laws, the class
action is expected to seek compensation for affected customers,” the
law firm said.

Optus chose to notify customers of the breach via snail mail, saying
their name, address and phone number was mistakenly sent to Sensis and
published in online (and potentially print) versions of its

The telco attributed the data breach to a “system error”.

Maurice Blackburn Lawyers said that under the Privacy Act,
corporations which disclose personal details of clients “face
penalties including fines.”

“But until now no class action using the Act has been brought on
behalf of customers seeking compensation,” it said.

“Under the Act, consumers may be compensated for privacy breaches.”

Maurice Blackburn senior associate Elizabeth O’Shea said class actions
were “an essential legal mechanism which allowed consumers to seek for
corporate wrong-doing.”

An Optus spokesperson said the telco "is working co-operatively with
the Privacy Commissioner on this investigation."

More information about the BreachExchange mailing list