"Following several high-profile data breaches in the past year, the federal government will review laws requiring companies to retain data as part of its new cyber security strategy.
Released on Wednesday, the 2023-30 strategy notes that data is increasingly used for ransom attacks and as a tool for coersion.
“Mishandling of sensitive and critical datasets can cause grave damage to Australia’s national interests,” it says. “Technological advancements have enabled malicious actors to develop vast data profiles on businesses, individuals and officials for intelligence gathering and commercial purposes.”"
"The strategy points out that businesses have voiced concerns that they are required to store substantial amounts of data for excessive periods of time, making them potentially high-value targets for hacking.
This was something raised in the wake of the Optus and Medibank data breaches, where tens of millions of customer records dating back years were exposed, with some then ending up on the dark web."
