Skip to main content
Media Releases

Optus data breach: update for APRA-regulated entities following Federal Government announcement

Optus data breach: update for APRA-regulated entities following Federal Government's announcement of planned changes to the Telecommunications Regulations 2021

 

APRA is working in close collaboration with the Federal Government, peer regulators and other relevant bodies to facilitate closer coordination and a controlled process of data sharing between Optus and APRA-regulated entities. This move follows the Federal Government's announcement of planned changes to the Telecommunications Regulations 2021, which is intended to provide greater protection to Australians following the recent Optus data breach.  

Key points:  

  • Any data shared can only be used for the purposes of implementing enhanced monitoring and safeguards for customers affected by the data breach. 
  • All APRA-regulated financial institutions, excluding branches of foreign banks, would be eligible to receive the data should they choose to.  
  • To opt in, entities will be required to provide written attestation to APRA Prudential Standard CPS 234 Information Security, in the context of accessing data from Optus associated with the recent breach.   
  • Entities will also need to provide written commitments to ACCC that they will comply with Privacy Act obligations.  
  • APRA, ACCC and relevant bodies are working closely to coordinate required steps. 
  • Once an entity has complied with these requests, it would work with Optus to facilitate access to the data.  

More information can be found here: Data breach - Frequently asked questions

Entities may email APRA at databreachinfo@apra.gov.au with further enquiries. 

Media enquiries

Contact APRA Media Unit, on +61 2 9210 3636

All other enquiries

For more information contact APRA on 1300 558 849.

The Australian Prudential Regulation Authority (APRA) is the prudential regulator of the financial services industry. It oversees banks, mutuals, general insurance and reinsurance companies, life insurance, private health insurers, friendly societies, and most members of the superannuation industry. APRA currently supervises institutions holding around $9 trillion in assets for Australian depositors, policyholders and superannuation fund members.