Bunnings has been found to have breached privacy laws with the use of facial recognition technology in its stores, but the hardware chain has vowed to seek a review of the decision.
Australian Clinical Labs may seek to strike out part of the OAIC’s case over a 2022 data breach, arguing it would unfairly allow the watchdog to allege both single and multiple contraventions of privacy law.
Optus has struck back at ACMA’s claim that a cyberattack that exposed the information of around 10 million customers was not a “highly sophisticated” operation.
Australian Clinical Labs, which is facing regulatory action over a 2022 data breach, is fighting the information commissioner’s claim that it breached privacy laws 21.5 million times.
Medibank has denied breaching privacy rules in response to the regulator’s case over a 2022 cyber attack, but has admitted sensitive data was hacked in part because its network lacked multi-factor authentication.
The privacy regulator was alerted to hundreds of data breaches in the first half of 2024, the highest number in three and a half years, a new report shows.
A promised overhaul of the Privacy Act has begun with reforms that make doxxing a crime and could see businesses face new claims, including class actions, for serious invasions of privacy.
The OAIC will not investigate Clearview AI further after finding in 2021 that the US-based facial recognition software company breached privacy rules by scraping facial images from the web, but the regulator promised to weigh in soon on when the use of personal information to train AI could run afoul of privacy laws.
Law firm HWL Ebsworth is facing a representative complaint filed with the Office of the Australian Information Commissioner over a 2023 cyber attack, which allegedly compromised the data of 65 government agencies and affected NDIS participants.
Medibank failed to put in place baseline security measures, including multi-factor authentication, to safeguard sensitive information from a hacker in 2022, who stole an IT contractor’s credentials and logged in to the health insurer’s private network three months before the company learned its data was compromised, the OAIC says.