A domestic violence victim and a retired police officer are among the current and former Optus customers part of a class action launched over the September 2022 data breach.
Subscribe now for unlimited access.
$0/
(min cost $0)
or signup to continue reading
More than 100,000 people have so far registered for the class action, according to law firm Slater and Gordon.
"Optus is a very large company, it has data which is very important to Australians. It's not your local gym, it should have had systems in place which prevented this from happening," Slater and Gordon's Ben Hardwick told ABC News Breakfast.
"For many Australians their private information is priceless.
"We've had women who have been victims of domestic violence, we've had victims of stalking, and their stories about why their private information is so important to them are very concerning."
An Optus spokesperson said the company would "vigorously defend any such proceedings".
In September 2022, the telco announced the personal information of up to 10 million current and former customers had been breached in a cyberattack.
Details included names, dates of birth, phone numbers and email addresses.
For some this extended to home addresses, driver's license, Medicare and passport numbers.
The information of more than 10,000 customers was released on the dark web when ransom demands were made.
Customers come forward
The class action's lead applicant, a Victorian man who did not want to be named, said he was left feeling "vulnerable, exposed and worried" when he found out his information had been compromised.
"Not knowing what still might happen as a result of having my information accessed and by whom haunts me," he said.
"It feels like only a matter of time before I get scammed or defrauded, which is a constant worry that I didn't have before I was let down by Optus."
Slater and Gordon said other people who joined the class action included a retired police officer with concerns his home address may have been shared with criminals he was involved in the prosecution of.
A Queensland woman who is the second lead applicant, said it was "incredibly stressful trying to get answers from Optus".
"I spent a lot of time changing passwords to all of my accounts, have been constantly checking that money hasn't been stolen, and making sure I've done everything I can to protect myself," she said.
The accusations against Optus
Optus is accused of breaching privacy, telecommunication and consumer laws, and its own internal policies, in the statement of claim lodged in the Federal Court on April 21.
The claim says Optus failed to protect customers' personal information, failed to destroy or de-identify the information of former customers and failed to ensure that only those who needed to access the information could.
Members of the class action are seeking compensation for time and money spent replacing identification documents, and security measures following the breach.
Damages are also sought for non-economic losses such as distress, frustration and disappointment.
Following last year's cyber attack, Optus commissioned an independent external review of the incident and its security processes.