Australia Flags Increased Penalty for Data Breaches Major Cyberattack

Australia will introduce laws to parliament to increase penalties for companies subject to major data breaches.

Attorney-General Mark Dreyfus  said, after high-profile cyberattacks hit millions of Australians in recent weeks.

Australia's telco, financial and government sectors have been on high alert since Singtel-owned Optus.

The country's second-largest telco, disclosed on Sept. 22 a hack that  saw the theft of personal data from up to 10 million accounts.

That attack was followed this month by a data breach at health insurer Medibank Private, which covers one-sixth of Australians.

Resulting in personal information of 100 customers being stolen, including medical diagnoses and procedures, as part of a theft of 200 GB of data.

"Significant privacy breaches in recent weeks have shown existing safeguards are inadequate."

""It's not enough for a penalty for a major data breach to be seen as the cost of doing business," Dreyfus said.

"We need better laws to regulate how companies manage the huge amount of  data they collect, and bigger penalties to incentivise better  behaviour."