Cybersecurity Minister Clare O’Neil announces several reforms to protect personal data after Medibank data leaks

Cybersecurity Minister Clare O’Neil said Australia needed to “wake up from the cyber slumber”, pointing to a series of reforms designed to protect personal data, including making ransom demands illegal.

A day after calling online hackers ‘scumbags’ while announcing a new cybersecurity task force, Ms O’Neil said there were compelling reasons to make it illegal for companies to try to get out of trouble.

“The idea that we’re going to trust these people to delete data that they’ve taken down and maybe copied a million times over is frankly silly,” she told Insiders on Sunday.

The federal government supported Medibank’s decision not to pay a $15 million ransom to prevent the disclosure of customer data.

“We stand strong as a country against this, we don’t want to fuel the ransomware business model,” Ms O’Neil said.

The Australian Federal Police (AFP) revealed on Friday that Russian cybercriminals were behind the Medibank hack, which led to the publication of highly sensitive customer data on the dark web.

Privacy laws a ‘national vulnerability’

Stricter regulation could also extend to data retention, which Clare O’Neil described as a “national vulnerability”.

Former Optus and Medibank customers who hadn’t been with the companies for a decade were caught up in the hacks.

The hackers demanded a ransom which they said was $1 per customer. (PA: Rick Rycroft)

“What we need to make sure is that companies only keep data for when it’s actually needed,” she said.

Data retention is part of a review of the Privacy Act currently being undertaken by Attorney General Mark Dreyfus.

Minister admits having trouble jailing cybercriminals

The federal government on Saturday announced a new task force combining expertise from AFP and the country’s cyber-spy agency, the Australian Signals Directorate, to “hack hackers”.

Ms O’Neil attempted on Sunday to set expectations for what justice might look like for cybercriminals.

She urged Australia to “let go of the feeling that the only good outcome here is someone behind bars”.

“It can be difficult when we have people who are basically hosted by foreign governments,” she said.

She said the government’s main objectives were to disrupt hacking operations and not allow Australia to be an easy target.

Comments are closed.