Australia’s media watchdog said the telco giant was responsible for a “large-scale public safety breach” after it failed to upload customer information to a database used by police, fire and ambulance services to locate people in emergencies between January 2021 and September 2023.

The Public Number Database (IPND) is used to alert Australians of disasters such as floods and bushfires.

ACMA member Samantha Yorke said the watchdog launched its investigation after a compliance audit found Optus had failed to upload data via its outsourced supplier, Prvidr Pty Ltd.

“When emergency services are hindered there can be very serious consequences for the safety of Australians,” Ms Yorke said.

“While we are not aware of anyone being directly harmed due to the non-compliance in this case, it’s alarming that Optus placed so many customers in this position for so long.”

ACMA commenced its investigation after a compliance audit indicated Optus had failed to upload data via its outsourced supplier, Prvidr Pty Ltd.

In addition to fines, the watchdog has accepted a court-enforceable undertaking from Optus that requires an independent review of its IPND compliance where it uses a third-party data provider.

The telco faces federal court action and fines of up to $10m per breach if it fails to comply with the industry code.

Optus has accepted that proper audits were not put in place for its third-party supplies and has apologised to customers.

“Optus accepts that proper audits and checks were not in place to ensure IPND obligations were being met for services we supply through our partner brands. We apologise for this and accept that we have not met community expectations,” the telco said in a statement.

Originally published as Optus fined $1.5m after ‘alarming’ breach