"The company responded to the request for information and confirmed that, to its knowledge, the company did not believe that any data had been compromised," ACL said in its statement.
This is dangerous, he said, because it could lead to identity theft or criminals impersonating people to get cash in their name or carry out crimes. He emphasised that waiting to tell customers meant those people were only now been given the opportunity to change their credit card details or other identifying information.
In its statement on Thursday, ACL said it had been analysing the data downloaded from the dark web to figure out who it belonged to so it could tell them. "The OAIC has ongoing preliminary inquiries with Medlab to ensure compliance with the requirements of the Notifiable Data Breaches scheme," the OAIC said in a statement to ABC News.Another cyber security expert, UNSW's Professor Lyria Bennett Moses, told ABC News that the issue with the Privacy Act was that, as it stands, it did not specify what exactly constituted a leak that would cause "serious harm".
That's alot of PCR data...🧐