SYDNEY – More than 100,000 current and former customers have joined a class-action lawsuit against Australian telco Optus, a subsidiary of Singtel, over a cyber-security breach in 2022 that compromised the data of roughly 1.2 million customers, lawyers said on Friday.

Starting with the Optus breach in September, a spate of cyber attacks on Australia’s corporate sector has exposed the data of tens of millions of customers online and led the government to set up a new cyber-security body and overhaul rules that the Minister for Home Affairs and Cyber Security has described as “bloody useless”.

A claim lodged in the federal court by law firm Slater and Gordon on Friday alleged that Optus breached laws and its own policies by failing to adequately protect customer data and destroy or de-identify former customer data, according to a statement from the firm.

In a statement on Friday, Optus said it has yet to be served with any court documents on the matter. “As previously announced, any class action will be vigorously defended,” said the telco.

Members in the lawsuit want compensation for the time and money required to replace identity documents and for distress, frustration and disappointment caused by the breach. The statement did not specify an amount.

Claimants include a stalking victim who fears her life has been put in danger, the statement said. Slater and Gordon’s head of class actions Ben Hardwick said the breach has potentially put vulnerable customers at risk of domestic violence and other crimes.

“Very real risks were created by the disclosure of this private information that Optus customers had every right to believe was securely protected by their telecommunications and Internet provider,” Mr Hardwick said. REUTERS