According to Macquarie Telecom Group Ltd., an Australian cybersecurity firm, companies typically pay a ransom for returning stolen customer data to hackers, indicating a lack of preparedness by Australian Cybersecurity industry.
“These are the largest corporations in the world, falling over themselves to pay criminals as fast as possible to cap their liability,” said Macquarie CEO David Tudehope. “In what other sphere of life do you see reputable corporates pay millions of dollars to criminals and somehow it’s all okay?”
Tudehope added that insurers that paid ransom to hackers had no way of ensuring data was deleted, meaning sensitive customer data was still at risk of being exposed online.
The revelation came after Medibank Private Ltd, Australia’s largest health insurer, revealed that a criminal had shown stolen personal health information of 100 of its 4 million customers and demanded payment for its return.
Meanwhile, the Australian government has announced that companies that suffer data breaches could face fines of up to A$50 million. This is stated in the Privacy Legislation Amendment (Enforcement and Other Measures) Bill 2022, which aims to increase the financial penalties levied on companies for repeated or serious breaches of privacy.
The sources for this piece include an article in Reuters.