Maurice Blackburn on Friday lodged a representative complaint against Optus with the Office of the Australian Information Commissioner, the law firm announced in a statement.

Macquarie University academic Sean Foley is the representative complainant, one of millions of Australians who had their data breached.

Associate Professor Foley was informed by Optus last month that his personal details including sensitive documents had been exposed in the breach, despite him ceasing to be a customer in 2017.

The formal move comes after tens of thousands of people registered their interest in potential class actions against Optus with two Australian law firms, Maurice Blackburn and Slater and Gordon.

“Under the Privacy Act, corporations must take reasonable steps to protect personal information they hold from misuse, interference and unauthorized access. Those who fail to do so can face penalties including fines and be ordered to pay compensation,” a statement from Maurice Blackburn reads.

“The representative complaint alleges Optus failed to protect the personal information of its customers and ensure the destruction of information that it no longer needed.”

Maurice Blackburn principal Vavaa Mawuli said: “When people are required to share personal information in order to receive important services, they expect that data to be held securely and not in a manner which may expose them to risks of identity theft.

“We have commenced this complaint today to seek compensation and hold Optus to account for this catastrophic data breach,” she said.

THOUSANDS JOIN OPTUS LEGAL PROBE: SEE IF YOU’RE ELIGIBLE

Tens of thousands of Australians have registered their interest with two law firms who are investigating potential class action against Optus over the recent cyber attack.

At least 2.1 million personal identification numbers have been stolen in the massive data breach.

Slater and Gordon Class Actions senior associate Ben Zocco said the firm had received tens of thousands of registrations from current and former Optus customers since announcing its plans last week.

“For many of those affected, this data breach is more than an inconvenience,” Mr Zocco said.

“We have received countless stories from Optus customers about the impact the disclosure has had on them, particularly from vulnerable members of the community, such as domestic violence survivors and victims of stalking or other threatening behaviour.”

“When companies fail to properly store and secure customer data, those affected ought to be rightly compensated for any loss and damage they have suffered,” Mr Zocco said.

“The goal of any class action will be redress for those consumers adversely affected by the Optus data breach.

“While class actions involve complex issues of law, we know that affected customers are extremely concerned and we are working as quickly as possible to investigate potential legal options.”

Vavaa Mawuli, principal lawyer at Maurice Blackburn, said thousands of people had registered with them so far because “they want to see Optus held to account for this breach”.

“Clearly Optus needs more effective systems for managing its customers data and the hope is to bring about such a result so this doesn’t happen again and compensate the victims of this latest breach,” Ms Mawuli said.

In a note lodged with the Singapore stock exchange, Singtel – the parent company of Optus – has indicated the telco is working with identity document issuing authorities to help customers affected after Medicare, driver’s licence numbers were hacked.

Singtel also confirmed it would defend the company in any potential legal class action, and it is continuing to assess the “financial implications” from the cyber attack.

HOW TO GET INVOLVED

Affected Optus customers can register their interest to become involved in the potential legal proceedings by registering with the law firms directly.

While tens of thousands have already registered, both companies said they were continuing to get more each day.

“By registering their interest, affected consumers can ensure they are kept up to date by Slater and Gordon as the investigation develops,” Mr Zocco said.

“Importantly, there is no obligation to register and no obligation following registration for consumers to be part of any class action that may be issued at a later time.”

To register for Slater and Gordon’s investigation, visit the company’s website.

To register for Maurice Blackburn’s potential claim, email: 2022optusdatabreach@mauriceblackburn.com.au

More Coverage

Telstra in data breach amid Optus hack

Adella Beaini, Madeleine Achenza and Hayley Goddard

How Optus victims can get new IDs

Hayley Goddard

Originally published as Optus hack: Aussie law firm Maurice Blackburn files action against telco