Law firm HWL Ebsworth is facing a representative complaint filed with the Office of the Australian Information Commissioner over a 2023 cyber attack, which allegedly compromised the data of 65 government agencies and affected NDIS participants.
Medibank failed to put in place baseline security measures, including multi-factor authentication, to safeguard sensitive information from a hacker in 2022, who stole an IT contractor’s credentials and logged in to the health insurer’s private network three months before the company learned its data was compromised, the OAIC says.
A judge overseeing several cases against Optus over a September 2022 data breach has raised the possibility of hearing a class action against the telco alongside new proceedings brought by the Australian Communications and Media Authority.
A judge has thrown out a self-represented customer’s lawsuit against non-bank lender Latitude Financial after he defaulted on court orders and refused to join tech giants DXC Technology and Crowdstrike to his case over a cyberattack that compromised 14 million customer records.
The Australian Communications and Media Authority has brought proceedings against Optus over a September 2022 data breach that comprised the data of up to 10 million customers, the first lawsuit filed by a regulator following a string of major cyberattacks over the past two years.
A law firm investigating a group proceeding against non-bank lender Latitude over a data breach last year has called on the information commissioner to give an update on a related class action-style complaint.
A veteran regulator with decades of government experience has been appointed to lead the Office of the Australian Information Commission amid a major overhaul of privacy laws and simmering controversies over AI, children’s privacy and data security.
A judge has quashed the OAIC’s decision to reject a second class action-style complaint filed over the massive Optus data breach, finding the Privacy Act does not bar second-in-time proceedings.
More companies may find themselves in the position of Medibank — which recently failed to stay representative proceedings before the privacy regulator while a related class action is on foot — so long as the laws remain unchanged, and law firms are willing to gamble on privacy class actions.
A judge has dismissed a bid by Medibank to restrain the Office of Australian Information Commissioner from proceeding with a class action-style complaint on behalf of millions of the private health insurer’s customers affected by an October 2022 data breach.