Rules Mate
Enforcement/oaicCWLTH

OAIC investigation — Optus 2022 data breach

civil penalty20 Mar 2025

In plain English

The OAIC investigated Optus’s 2022 data breach. This breach affected customers and involved personal information.

The Office of the Australian Information Commissioner (OAIC) investigated Singtel Optus Pty Ltd regarding a 2022 data breach. The breach involved customer personal information. The OAIC’s decision type was a civil penalty. Further details about the conduct and outcome are not available in the source.

breach-reportingconsumer-protectionprivacyndb

AI-assisted summary, grounded in the source link below. Generated 2026-05-23 via gemma3:12b.

Respondent

Singtel Optus Pty Ltd

Facts

September 2022 Optus breach exposed ~10M customer records. OAIC alleges APP 11 failures + delayed notification.

Outcome

Civil penalty proceedings underway — major test case under post-2022 penalty regime.

Read the source

https://oaic.gov.au/news/media-centre/

Rules Mate links to the regulator's own publication. We do not republish full decision text. Always verify the latest status against the source before acting.