Australia Will Now Fine Firms Up To $33.4 Million for Data Breaches

The Australian parliament has approved a bill to amend the country's privacy legislation, significantly increasing the maximum penalties to AU$50 million for companies and data controllers who suffered large-scale data breaches. From a report: The financial penalty introduced by the new bill is set to whichever is greater: AU$50 million, three times the value of any benefit obtained through the misuse of information, and 30% of a company's adjusted turnover in the relevant period. Previously, the penalty for severe data exposures was AU$2.22 million, considered wholly inadequate to incentivize companies to improve their data security mechanisms. The new bill comes in response to a series of recent cyberattacks against Australian companies, including ransomware and network breaches, resulting in the exposure of highly sensitive data for millions of people in the country. "The Albanese Labor government has wasted no time in responding to recent major data breaches. We have announced, introduced, and delivered legislation in just over a month," reads the media announcement. "These new, larger penalties send a clear message to large companies that they must do better to protect the data they collect."

Read more of this story at Slashdot.