Specifically, they will push through a complaint filed with the Office of the Australian Information Commissioner (OAIC) to secure the compensation. Maurice Blackburn last November initiated the formal representative complaint with OAIC, which has the authority to issue the directive for compensation. The three law firms said in a joint statement Monday that “tens of thousands” of affected customers already had registered for the class action suit. Medibank last October revealed a security incident that compromised the data of 9.7 million current and former customers, including 1.8 million international customers. After the health insurer refused to pay the ransom demands, hackers dumped large batches of the data on the dark web, claiming the files contained all of the data they took in the heist. The data security incident, alongside others such as the Optus’ breach, prompted the Australian government to push for stiffer penalties. The country’s legislation eventually was revised, increasing maximum fines for serious or repeated breaches to AU$50 million or three times the value of any benefit obtained through the data misuse, or 30% of the company’s adjusted turnover in the relevant period, whichever is greater. Bannister Law Class Actions’ principal Charles Bannister expressed hope the joint cooperation would lead to swift compensation payments for Medibank customers impacted in the breach. “We believe the data breach is a betrayal of Medibank’s customers and a breach of the Privacy Act,” Bannister said. “Medibank has a duty to keep this kind of information confidential.” Centennial Lawyers’ adjunct professor George Newhouse added that the data breach revealed the lack of safeguards that should have been in place, to prevent private and personal data from being accessed by hackers. Describing the law firms’ cooperation as a significant development, Maurice Blackburn’s head of class actions Andrew Watson said the agreement would ensure all three firms worked together with the common goal of obtaining compensation as quickly as possible. Maurice Blackburn also filed a representative complaint to the OAIC against Optus with regards to the telco’s data breach.
RELATED COVERAGE
Medibank systems back online after weekend shutdown for security updateMedibank hackers reportedly release all data on dark webAustralia beefs up scrutiny of Medibank following data breachMedibank won’t pay ransom as more stolen data shows up on dark webAustralia seeks stiffer penalty for data breaches amidst spate of security incidentsAustralia sees rise in cybercrimes on back of ‘destructive’ ransomware, state actors