Senate Orders OAIC to Release Full Amex Privacy Investigation Details

Senate Orders OAIC to Release Full Amex Privacy Investigation Details

First seen 3 Jul 2026, 06:24 UTC Itnews.AuCyberdaily.Au 82% similarity 36.9
Share:

Article Content

Browse articles
ThreatCluster

The Australian Senate has mandated the Office of the Australian Information Commissioner (OAIC) to disclose the complete findings of its investigation into American Express (Amex) regarding security weaknesses. The investigation revealed significant access control issues following two insider breaches. The OAIC had previously only published an abridged report citing potential harm to individuals and cybersecurity risks as reasons for withholding full details. The Senate's motion, passed with a vote of 33-21, requires the OAIC to provide the full determination and related correspondence by July 28, 2026. This move aims to enhance transparency and accountability regarding the handling of privacy breaches by Amex. The OAIC had ordered Amex to implement stronger access controls within six months after the breaches were identified.

Key Points: • The Australian Senate has ordered the OAIC to release full details of the Amex investigation. • The OAIC's previous report was abridged due to concerns over individual harm and cybersecurity risks. • Amex must implement stronger access controls within six months following identified insider breaches.

ThreatCluster AI

Timeline

2026-06-02
OAIC orders Amex to strengthen access controls
The OAIC mandated Amex to enhance system access controls after identifying insider privacy breaches.
Itnews.Au
2026-07-01
Senate motion passed for OAIC document release
Greens senator David Shoebridge moved a motion requiring the OAIC to produce full investigation documents, which passed 33-21.
Itnews.Au
2026-07-28
Deadline for OAIC to submit full determination
The OAIC is required to provide the full determination and related correspondence to the Senate by this date.
Itnews.Au

Community

Browse all →