Optus loses bid to hide Deloitte report on data breach

By

Detailed forensics could come to light through class action.

Optus has lost its bid to appeal an earlier Federal Court decision granting access to portions of a forensic review of its 2022 data breach to a law firm as part of a class action lawsuit.

Optus loses bid to hide Deloitte report on data breach

The finding that the forensic report is not protected by legal privilege is a win for Slater and Gordon in the case it launched on behalf of more than 10,000 clients whose personal information was compromised. 

The law firm is seeking to demonstrate that negligence contributed to the exfiltration of customer data and may cite the report's findings based on the extent to which they substantiate assertions.

Although the report, which was prepared by Deloitte, will not be made public, portions will likely be released as the case progresses. 

The Australian Financial Review reported that that while Optus accepts the judgment, it is “considering seeking confidentiality orders relating to elements of the report that we believe are key to the ongoing protection of our customer data and our systems from cyber criminals.”

The case hinged on the reasons that the Deloitte review was commissioned, and whether it was for legal advice purposes alone or for other reasons as well.

An October 2022 media release stated that the review would also "help ensure [Optus] understands how [the data breach] occurred and how we can prevent it from occurring again.

"It will help inform the response to the incident for Optus. This may also help others in the private and public sector where sensitive data is held and risk of cyber attack exists," the media release stated.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

Services Australia's sweeping security uplift plans for myGov

Services Australia's sweeping security uplift plans for myGov

Medibank allegedly missed EDR alerts before data breach

Medibank allegedly missed EDR alerts before data breach

Northern Beaches Council reviews security stack to shore up widening perimeter

Northern Beaches Council reviews security stack to shore up widening perimeter

CrowdStrike rejects Delta Air Lines claims over outage

CrowdStrike rejects Delta Air Lines claims over outage

Log In

  |  Forgot your password?