The Office of the Australian Information Commissioner announced civil penalty proceedings against Australian Clinical Labs Limited over Privacy Act violation allegations stemming from a 2022 data breach. An OAIC investigation revealed alleged data security lapses and improper data breach notification practices. Commissioner Angelene Falk claimed sale of the breached information on the dark web left individuals "exposed to potential emotional distress and the material risk of identity theft, extortion and financial crime."
OAIC seeks civil penalties for 2022 sensitive data breach
Related stories
At GPS 2025: A view into US federal and state cybersecurity enforcement
Data governance: Why this year is different from all others
At GPS 2025: FTC's Holyoak outlines next steps for US enforcement, innovation
Artificial illusion: Global governance challenges of deepfake technology
Biometrics in the EU: Navigating the GDPR, AI Act
