Maurice Blackburn Lawyers announced the firm had now filed the complaint after thousands of customers contacted the firm seeking their entitlements following the breach that saw near 10m customer’s details exposed online.

“The representative complaint alleges Optus failed to protect the personal information of its customers and ensure the destruction of information that it no longer needed,” read a statement from the firm.

A Maurice Blackburn spokesman told The Weekend Australian that the firm did not yet know how much customers whose data had breached would be entitled to and that compensation would likely depend on how much of their data had been exposed.

However, this is a relatively new area of litigation and the firm was still going through the process of understanding what customers were entitled to, he said.

The Optus hack, first reported by this newspaper more than two weeks ago, saw the personal information of near 10m Australians exposed by a hacker who later claimed to have deleted the data after publishing the records of 10,000 people online. The hacker’s initial demand was $1.5m in the cryptocurrency Monero.

Late last month firm Slater and Gordon announced it was assessing legal options for the estimated 10 million affected customers.

Just days later Maurice Blackburn announced it was also assessing legal action. It’s the second time the firm has gone after Optus in recent years, following legal action taken in April 2020 after the Telco mistakenly provided private data including names and contact details of 50,000 customers to Sensis.

Leading the Maurice Blackburn representative claim is Macquarie University academic Sean Foley who, despite changing Telco providers in 2017, was also a victim of the hack. Professor Foley is one of thousands of legacy customers who have been caught up in the hack long after changing providers.

As many as 150,000 passport numbers and 50,000 Medicare numbers have been stolen in the breach.

Maurice Blackburn Principal Vavaa Mawuli said consumer’s expected their data to be stored securely as companies were increasingly entrusted with personal information.

“When people are required to share personal information in order to receive important services, they expect that data to be held securely and not in a manner which may expose them to risks of identity theft,” she said.

“We have commenced this complaint today to seek compensation and hold Optus to account for this catastrophic data breach.”

The federal government on Thursday announced a string of changes would be made to improve the security of Australian consumer data.

Treasurer Jim Chalmers said new amendments would requires Telcos to destroy personal data when no longer needed and new rules would allow for Telcos to pass consumer data to the likes of banks if the company had been compromised.

“They need to satisfy robust security requirements and protocols for data transfer and storage, and they need to ensure that the information that they get is destroyed when it’s no longer required,” he said.

The Maurice Blackburn spokesman said the complaint had been sent to the privacy commissioner and the next steps would be determined once the commissioner had responded.

More Coverage

‘Vulnerable’ Optus customers left in the dark

Joseph Lam

Embattled Optus faces class action over huge data breach

DAVID SWAN

Originally published as Optus hack: Macquarie academic leads Maurice Blackburn Optus customer representative claim