ClassActions.com.au
A class action brought by former AFL players over alleged concussion-related brain injuries is scheduled for a 12-week trial starting 26 July 2027 in the Victorian Supreme Court. Nearly 100 former players are reportedly involved. The claim alleges failures in care and warnings about concussion risks for players who suffered permanent brain injuries from head strikes between 1985 and March 2023. Mediation is listed for 30 September 2026.
Also in this edition
Media Coverage Retailers on notice over fake discounts after Coles ruling 15 May 2026 Media Coverage Could the Coles ruling affect the Woolworths Prices Dropped case? 15 May 2026 Media Coverage 'Disappointing' new judgment in decades-long Territory cattle class action 15 May 2026Australian retailers on notice over 'fake discounts' as Coles braces for record fine after landmark court ruling. The article discusses Woolworths' exposure and broader implications for supermarket discount practices following the Coles ruling.
Woolworths on chopping block after Coles, ACCC ruling. The Australian reported that the Federal Court's Coles ruling may foreshadow issues in the Woolworths case because of similarities between Down Down and Prices Dropped promotional pricing.
The Federal Court has dismissed the NT Cattlemen's Association appeal against a 2025 decision that reduced the compensation quantum for losses arising from the 2011 live cattle export ban. The ruling is the latest chapter in one of Australia's longest-running class actions, with affected cattle producers describing the outcome as "disappointing" after more than a decade of litigation.
Background explainer on the Coles Down Down case and pricing patterns before the final ruling.
In May 2026, multiple plaintiff law firms in the United States announced formal investigations into potential claims against Instructure arising from the Canvas data breach, including on grounds of negligence, breach of implied contract, and breach of confidence.
Federal Court of Australia finds Coles misled consumers with its Down Down discount campaign.
Retail trade coverage of the Federal Court decision and its implications for the supermarket sector.
Consumer-friendly explainer aimed at a younger and general audience, covering the ACCC trial and alleged discount issues.
Reports that Coles misled shoppers with fake Down Down discounts. Explains the pricing pattern where prices were raised before being promoted as discounted.
ACCC release confirming the Federal Court found Coles made false or misleading representations in 13 of 14 Down Down tickets considered.
Share-market-focused article reporting on Coles' ASX reaction after the ruling.
Business/legal coverage focusing on discount pricing and the need for a meaningful earlier price before claiming a discount.
Mainstream business coverage of the Federal Court decision and misleading conduct finding.
Retail-focused summary of the ruling, noting that penalties are pending and that the decision covered 13 of 14 sample products.
Background on the ACCC allegations against Coles, including claims relating to 245 products between February 2022 and May 2023.
Consumer-friendly coverage highlighting misleading marketing findings and the next court date.
Legal-sector framing of the case when proceedings began, including arguments around misleading discount representations.
Market-focused coverage noting scrutiny of supermarket pricing and share-market reaction.
Matter stage: active class action / regulator-linked. Tags: consumer, regulator-follow-on, judgment. The ACCC reports that the Federal Court found Coles made false or misleading Down Down discount representations, a key development for follow-on consumer claims.
Retail industry background on the case before the Federal Court decision.
International or syndicated coverage of the Coles misleading discount decision.
Official court file for ACCC v Coles, including the 14 May 2026 judgment, orders, submissions, and related case documents.
Trade-industry article linking the Coles matter to the ACCC's broader proceedings against Coles and Woolworths.
Analysis suggesting the ruling may have implications for broader retail discounting practices, while noting the case was not a price-gouging finding.
Visual guide showing examples of the pricing behaviour that led to the ACCC case against Coles.
On 13 May 2026, a proposed class action lawsuit was filed in the US District Court for the Southern District of California on behalf of a San Diego resident, alleging that Instructure failed to adequately protect personal information exposed in the Canvas data breach.
Technology coverage reporting Instructure's agreement with hackers and concerns over whether stolen data can truly be destroyed.
Reports Instructure reached an agreement with hackers after the global Canvas incident affected universities and schools, including at least 122 Australian institutions.
Queensland coverage reporting that QLearn student and teacher data was affected by the global Canvas/Instructure incident.
AP reported that Instructure reached an agreement with hackers over stolen Canvas data, while experts warned risk may remain.
Guardian Australia live coverage included an update on Instructure's agreement with the unauthorised actor over stolen Canvas data.
On 11 May 2026, Instructure stated on its incident update page that it had reached an agreement with the threat actor and that the accessed data was returned or destroyed. Instructure acknowledged a lack of transparency in earlier communications and apologised. Independent verification of data destruction has not been publicly confirmed.
Regional Queensland coverage of schools affected by the global Canvas data incident.
Australian education coverage identifying schools and universities affected by the Canvas incident.
Matter stage: settlement in principle. Tags: shareholder, settlement-pending. Market Index reports an in-principle $27 million settlement for the FleetPartners / Eclipx shareholder class action, announced on 8 May 2026.
Gordon Legal published updates about registration and Federal Court orders relating to the Robodebt class action appeal settlement process.
Echo Law says the Qantas travel credits class action has reached a $105 million proposed settlement, subject to court approval.
Centennial Lawyers’ website asks current and former Medibank and ahm members to register for the Medibank data breach matter.
South Australian coverage reporting that Flinders University and other local education providers were among institutions responding to the Canvas incident.
Reports on ShinyHunters' claimed role, the Canvas outage and Instructure's restoration of Canvas services.
On 7 May 2026, Canvas login pages at many institutions were defaced with a ransom message from ShinyHunters. Instructure took Canvas offline amid widespread disruption during final exam and end-of-term periods, affecting thousands of schools and universities globally.
William Roberts Lawyers says it has filed an environmental class action against Cadia Holdings, a subsidiary of Newmont, in the NSW Supreme Court.
Following advice from Instructure on 6 May 2026 that approximately 9,000 institutions worldwide were affected — including at least 25 Australian and New Zealand universities — institutions including RMIT, UTS, University of Adelaide, and the Queensland Department of Education temporarily disabled Canvas access. The National Office of Cyber Security and Universities Australia co-ordinated the response. The Australian Cyber Security Centre advised users to be alert to phishing using exposed names and email addresses.
Recent reporting and court materials say the AFL concussion proceeding led by former Geelong player Max Rooke has broadened, with more than 100 former players connected to the litigation. The claims allege acquired brain injury from football-related concussions; the allegations remain before the court.
On approximately 3 May 2026, the threat group ShinyHunters publicly claimed responsibility for the Canvas breach and issued a ransom demand, threatening to release data on tens to hundreds of millions of users unless payment was made.
LawFuel reports that Maurice Blackburn filed a formal privacy complaint against Qantas after the data breach compromised personal information of 5.7 million customers.
Matter stage: appeal. Tags: government-liability, appeal. The Courier Mail reports on a recent judgment in the long-running live cattle export ban class action, following earlier findings concerning the 2011 ban and compensation issues.
Official Instructure incident page for statements about the Canvas security incident, affected data categories, containment, investigation and support.
On 1 May 2026, Instructure publicly disclosed a cybersecurity incident involving unauthorised access and data exfiltration from Canvas. Data types reported to be involved included names, email addresses, student ID numbers, and messages among users. No evidence of passwords, dates of birth, government IDs, or financial information was reported at that time.
The Federal Court class action filed by Maurice Blackburn on behalf of approximately 6 million affected customers is ongoing. Affected customers are encouraged to register to receive updates on key dates and their potential entitlements.
Source index summarising the global Canvas incident, including reported Australian impacts, affected data categories and official links.
Matter stage: post-settlement. Tags: post-settlement-misconduct, governance, integrity. News.com.au reports on former senior counsel Norman O'Bryan being sentenced over fraudulent invoices connected to the Banksia settlement. This is treated as a class action integrity and post-settlement misconduct event, not a fresh claimant class action.
The Australian class action registration campaign at canvasclassaction.com.au launched in May 2026, inviting current and former Canvas users affected by the data breach to register their interest and receive updates as the investigation progresses.
In May 2026, an Australian investigation and registration pathway opened for people potentially affected by the Canvas data breach. Affected Australians can register their details and stay informed about the matter.
ClaimFinder opened an Australian investigation and registration pathway for people potentially affected by the Canvas incident. Australians who used Canvas through a school, university, or other institution are encouraged to register their details and stay informed as the matter develops.
Matter stage: filed. Tags: consumer, insurance, filed. Shine Lawyers has launched a class action concerning Mortgage Protection Plan / My Protection Plan policies issued between 28 February 2018 and 29 February 2024.
On 29 April 2026, Instructure stated it detected unauthorised activity within Canvas and immediately revoked attacker access. Additional suspicious access was revoked and the underlying vulnerability addressed on 30 April 2026.
The GrainCorp Numurkah group proceeding alleges residents suffered nuisance, amenity loss and property impacts from noise and odour associated with the company's oilseed facility. Court notices define the group by proximity to the facility and relevant occupation periods.
According to Instructure, a criminal threat actor gained unauthorised access to the Canvas platform on or around 25 April 2026, initiating the cybersecurity incident.
Beginning on approximately 25 April 2026, the Canvas platform operated by Instructure suffered a significant cybersecurity incident in which a criminal threat actor gained unauthorised access and exfiltrated user data. The incident affected approximately 9,000 institutions globally, including at least 25 Australian and New Zealand universities, and is the triggering event for class action proceedings.
ACCC takes Woolworths to court over alleged misleading prices. News.com.au reported on the ACCC's Woolworths case, including allegations involving 266 products, short-term price rises of at least 15%, and examples such as Oreos and Tim Tams.
Consumer watchdog zeroes in on Woolworths' allegedly fake discounts as it meets supermarket giant in court. The ACCC alleged Woolworths temporarily increased prices on at least 266 products before promoting them under Prices Dropped at prices that were the same as, or higher than, earlier prices.
Woolworths engaged in 'marketing magic' to trick customers, consumer watchdog tells court. The ACCC argued Woolworths used comparative was/is pricing to create the impression of genuine savings after short-term price spikes.
Woolworths will face a two-week joint liability trial over allegations of false and misleading representations to consumers about its discount pricing claims.
Matter stage: settlement in principle. Tags: shareholder, settlement-pending. Slater and Gordon reports an in-principle $62 million settlement in the a2 Milk shareholder class action, subject to final deed and court approval, with no admission of liability.
The Federal Court has granted leave for the Woolworths misleading pricing class action to proceed as a representative proceeding.
Matter stage: judgment. Tags: shareholder, judgment, landmark. Ashurst reports on the Federal Court judgment in the Brambles shareholder class action, described as the first Australian shareholder/securities class action to succeed at judgment after trial, with findings on liability and loss.
Additional complaints were filed with the OAIC relating to Qantas ongoing handling of affected customer records following the breach, raising questions about data retention and disposal practices.
Matter stage: settlement approval pending. Tags: superannuation, settlement-pending. Slater and Gordon reports an in-principle $120 million settlement in the AMP Super Fees class action, with a settlement approval hearing held on 7 April 2026 and judgment reserved.
The $105 million settlement is currently before the Federal Court for approval. Affected customers are encouraged to register their interest to be notified of key dates and distribution details.
The Victorian Government has reportedly agreed to a $125 million settlement of a business class action over losses linked to hotel quarantine failures and the 2020 lockdown. The settlement is subject to court approval before any distribution to eligible businesses.
Matter stage: settlement approved. Tags: superannuation, settlement-approved. Slater and Gordon reports that the Federal Court approved a $50 million ANZ and OnePath Super class action settlement on 20 March 2026, with distributions expected from mid-2026.
The NSW Supreme Court Cadia mine class action concerns allegations that mine dust, fluids and contaminants affected nearby properties. Public reports say about 2,000 landholders may be within the claim area, with the matter proceeding through directions before any trial.
Qantas has agreed to settle the COVID flight credits class action for $105 million, subject to Federal Court approval and without admitting liability. The proceeding concerned customers whose flights were cancelled during the pandemic and who received credits rather than immediate cash refunds.
Qantas agreed to a proposed $105 million settlement of the COVID flight credits class action, subject to Federal Court approval. The settlement covers customers who held unused flight credits.
Matter stage: settlement approval pending. Tags: government-liability, settlement-pending. Gordon Legal describes a proposed $548.5 million Robodebt appeal settlement, subject to Federal Court approval, with registration closing on 6 March 2026.
Adero Law says it has filed a Federal Court class action alleging salaried Kmart managers were underpaid for meal breaks, overtime, penalty rates, higher duties and out-of-hours work. The claim period is described as February 2020 to February 2026 and the allegations remain unresolved.
Services Australia and Gordon Legal have advised affected people about registration steps for a further robodebt class action settlement process. Media reporting has highlighted deadlines for eligible group members before Federal Court approval is considered.
The Sportsbet class action alleges the Fast Code service for in-play sports betting breached rules requiring certain bets to be placed wholly by telephone. Sportsbet denies the allegations and public reporting says it has filed a counterclaim as the case moves toward a scheduled 2026 trial.
Coles will face a two-week joint liability trial over allegations of false and misleading representations to consumers about its discount pricing claims.
A representative complaint was filed with the Office of the Australian Information Commissioner (OAIC) against Qantas under the Privacy Act 1988, citing failures in data security and notification obligations.
An academic paper analyses the Medibank breach and proposes differential privacy techniques for protecting sensitive health data, highlighting why claims information requires stronger technical safeguards than standard encryption.
The matter remains under active investigation. Claimants who have not yet registered can still do so. The legal team is continuing to gather evidence and assess the full scope of affected funds and members.
Deadline for group members to opt out of the Woolworths class action: 4:00 pm AEDT on 21 November 2025.
Deadline for group members to opt out of the Coles class action: 4:00 pm AEDT on 21 November 2025.
Qantas made leadership changes following the cyber breach, with the customer head departing with immediate effect.
Qantas head of customer experience resigned following the ongoing fallout from the cyber breach and widespread leak of customer data.
ABC provides practical guidance for customers after Qantas data was released on the dark web, including scam and identity misuse risks.
Reports that Qantas confirmed personal data stolen in the mid-2025 cyberattack had been released on the dark web.
Explains what data was leaked, what customers should do, scam risks, the NSW Supreme Court injunction and the possibility of compensation or representative action.
Reports that personal data of more than 5.7 million Qantas customers was leaked on the dark web after a cyber extortion campaign.
After the ransom deadline expired on 10 October 2025, the threat group published approximately 153 GB of Qantas customer data — affecting over 5 million records — on a dark web data leak site. The data included names, email addresses, frequent flyer numbers, dates of birth, and in some cases phone numbers and home addresses.
Hackers leaked data containing about 5 million Qantas customer records after a ransom deadline passed, increasing concern about scams, phishing and identity misuse.
The NSW Supreme Court made permanent orders in Qantas's action to restrict access to or release of compromised data, and granted a non-publication order for legal team names.
Reports that cybercriminals published alleged Qantas customer data after ransom demands and notes Qantas' legal protections intended to prevent access or release of stolen data.
The Federal Court approved opt-out notice was sent to potential group members in the Woolworths class action, advising of their right to opt out.
The Federal Court approved opt-out notice was sent to potential group members in the Coles class action, advising of their right to opt out.
Reports that Maurice Blackburn lodged a representative complaint seeking compensation for millions of customers whose personal data was compromised in the Qantas cyber attack.
Reports that Maurice Blackburn lodged a representative complaint with the OAIC on behalf of affected individuals following the Qantas data breach.
Qantas customers affected by the cyber hack were being asked to join a compensation case launched by Maurice Blackburn.
Explains the Qantas cyber incident, affected customer information and the Maurice Blackburn compensation pathway.
Reports that Maurice Blackburn filed a complaint with the OAIC after the Qantas cyber attack affected 5.7 million customers.
Reports that a law firm made a representative complaint on behalf of millions of Qantas customers affected by the breach.
Reports that Maurice Blackburn launched action against Qantas over data safeguard issues affecting nearly six million passengers.
Reports that Maurice Blackburn lodged a representative complaint with the OAIC seeking compensation for nearly six million affected customers.
Maurice Blackburn lodged a representative complaint with the OAIC alleging Qantas failed to take reasonable steps to protect customer personal information.
Maurice Blackburn Lawyers filed a class action in the Federal Court on behalf of approximately 6 million customers whose personal data was stolen, alleging Qantas failed to take reasonable steps to protect customer information.
Comments on Maurice Blackburn's representative complaint to the OAIC, the allegations against Qantas, and the related injunction to prevent publication or use of stolen data.
Qantas went to the NSW Supreme Court seeking orders to stop stolen customer data from being accessed, published, transmitted or used.
Qantas applied to the Federal Court seeking an injunction to prevent the stolen data from being released or used, an extraordinary legal move intended to suppress publication of the data.
Maurice Blackburn says the complaint alleges Qantas breached privacy laws by failing to adequately protect customer personal information. The page also notes the October 2025 release of stolen data on the dark web.
Reports that Maurice Blackburn lodged a complaint with the OAIC alleging Qantas failed to take reasonable steps to protect customer personal information.
The breach affected about 5.7 million customers, including names, email addresses and frequent flyer numbers for millions, plus dates of birth, addresses, phone numbers, gender and meal preferences for subsets of customers.
The cybercriminal group behind the breach made direct contact with Qantas, reportedly seeking a ransom payment in exchange for not releasing the stolen data.
Reports on the Manila call-centre context, suspected social engineering, Qantas's response and warnings to customers about phishing and impersonation scams.
A potential cybercriminal contacted Qantas after the breach, with Qantas working with cybersecurity experts and the Australian Federal Police.
The OAIC confirmed Qantas notified it of an eligible data breach and said it was actively engaging with Qantas about its compliance with Notifiable Data Breaches obligations.
Qantas announced unusual activity on a third-party customer servicing platform used by a contact centre and said customer data had been compromised.
Qantas confirmed a cyberattack involving a third-party customer-servicing platform used by its contact centre. Exposed data included names, email addresses, phone numbers, birth dates and frequent flyer numbers, but not credit card, financial, passport, password, PIN or login details.
Qantas confirmed the cyber incident and disclosed that records of up to 6 million customers had been stolen. The airline notified affected customers and regulators.
Qantas confirms a cyber incident occurred in one of its contact centres impacting customer data. It provides updates, affected data details, scam guidance and customer support information.
AP reported that a cybercriminal accessed personal data through a Qantas call-centre platform affecting about 6 million passengers, while Qantas said operations and safety were unaffected.
Qantas detected unusual activity on a third-party contact-centre platform used by an offshore call centre. Cybercriminals gained access to customer data held in the Salesforce-linked system by social-engineering a support worker. Qantas states its core systems were not compromised.
The Federal Court ruled that Medibank must produce internal cyber incident review reports, rejecting its claim of legal professional privilege and marking a significant development in the OAIC proceedings.
Separate from the 2023 data breach, Latitude Financial faces a $3.96 million penalty for over 2.7 million spam law contraventions between March 2024 and April 2025 — adding to an already significant regulatory burden for the consumer lender.
Watchdog's warning to big supermarkets. News.com.au reported ACCC concerns about supermarket discount practices while the Woolworths and Coles proceedings were ongoing.
ACCC released its final report recommending supermarkets publish clear and accurate pricing information available conveniently to consumers.
ACCC released its final report recommending supermarkets publish clear and accurate pricing information available conveniently to consumers.
Coles and Woolworths claim Strepsils and Oreos price promotions 'not illusory' in new court documents. Woolworths argued that the Oreo price movement reflected supplier cost and pricing context rather than an illusory discount.
Gerard Malouf and Partners filed the class action (Benjamin Glenn Demery v Coles Supermarkets Australia Pty Ltd) in the Victorian Registry of the Federal Court, seeking compensation for consumers affected by illusory 'Down Down' pricing between February 2022 and May 2023.
Gerard Malouf and Partners filed the class action (Robbie Leigh Whittome v Woolworths Group Ltd) in the Victorian Registry of the Federal Court, seeking compensation for consumers affected by illusory 'Prices Dropped' promotions between September 2021 and May 2023.
'Not perfect': Woolies hits back at fake claims. Woolworths' leadership rejected the ACCC's fake discount allegations at the company's AGM while acknowledging scrutiny of its pricing practices.
Woolies, Coles 'fake' discounts spread across the entire supermarket. Court documents alleged Woolworths and Coles pricing conduct affected products across many categories, including groceries, pet food, drinks and household products.
Coles and Woolworths are in hot water with the regulator. What happens now? This article explains the ACCC proceedings, possible penalties, how the law treats comparative pricing, and what happens after the regulator files a case.
ACCC released interim findings showing Coles and Woolworths control 67% of supermarket retail sales and grocery prices rose over 20% in five years.
ACCC released interim findings showing Woolworths and Coles control 67% of supermarket retail sales and grocery prices rose over 20% in five years.
Grocery giants 'specials' expose sneaky tricks. This article used examples of supermarket shelf pricing concerns to discuss the broader ACCC proceedings against Woolworths and Coles over alleged false discounts.
Woolworths, Coles sued by ACCC over misleading price drop claims. The Australian reported the ACCC allegations against Woolworths and Coles, including the Woolworths 266-product allegation and the Oreo family pack example.
'Fools': Albo hits out at Coles, Woolies. News.com.au reported political reaction to the ACCC action, including comments from Prime Minister Anthony Albanese and details of Woolworths' alleged 266-product Prices Dropped conduct.
How 'was/is' pricing works — and why it's landed Coles and Woolworths in court. This explainer describes the comparative pricing method at the centre of the Woolworths and Coles proceedings, including the Oreo example used in the Woolworths allegations.
Australian retailers sued over 'illusory' discounts on Tim Tams and cat food. The Financial Times reported the ACCC proceedings against Woolworths and Coles as part of broader international concern over supermarket power and pricing during cost-of-living pressure.
Deceptive pricing an 'open secret'. This article reported consumer advocate reaction to the ACCC proceedings and the broader concern that supermarket promotional pricing had become difficult for consumers to trust.
Original ACCC release from September 2024 announcing proceedings against Woolworths and Coles over allegedly misleading discount claims.
ACCC taking Coles and Woolworths to court over alleged misleading claims. Guardian live coverage reported the ACCC's launch of proceedings against Woolworths and Coles, including the allegation that Woolworths' conduct involved 266 products.
The ACCC filed penalty proceedings in the Federal Court alleging Woolworths misled consumers with 'Prices Dropped' discount pricing on hundreds of products.
The ACCC filed penalty proceedings in the Federal Court alleging Coles misled consumers with 'Down Down' discount pricing on hundreds of products.
The Medibank breach continues to be cited as Australia's most costly data breach, with APRA requiring additional capital, the OAIC pursuing Federal Court proceedings, and ongoing class action litigation from affected customers.
Registration is now open for eligible Australians. Anyone who held a superannuation account and was not properly informed of their default insurance cover — including life insurance, TPD, or income protection — is encouraged to register.
A separate class action was filed on behalf of passengers who received flight credits rather than cash refunds, seeking compensation for customers who were unable to use their credits.
The Australian Securities and Investments Commission (ASIC) announced a sector-wide review into whether superannuation trustees adequately disclosed insurance entitlements to their members, consistent with obligations under the Corporations Act and SIS Act.
The Australian Information Commissioner commenced Federal Court proceedings against Medibank alleging serious or repeated interferences with privacy of approximately 9.7 million Australians following the October 2022 cyberattack.
The privacy regulator alleges Medibank failed to require multi-factor authentication, failed to properly triage security alerts, and allowed an attacker to remain undetected in its systems for almost two months, exfiltrating about 520GB of personal data.
Privacy-law reforms and the Medibank breach have increased pressure on Australian businesses to manage personal data securely, with significantly larger maximum penalties now applying under the Privacy Act.
The OAIC commenced Federal Court proceedings alleging Medibank seriously interfered with the privacy of millions of Australians by failing to take reasonable steps to protect personal information.
Qantas admitted to selling tickets on thousands of cancelled flights and agreed to pay a $120 million fine — the largest penalty ever secured by the ACCC — plus $20 million in customer refunds.
AFCA's review of the Latitude cyber-attack concluded the breach could have been prevented, delivering a damning assessment of Latitude's cyber risk management and cybersecurity controls in the lead-up to the March 2023 incident.
The Super Insurance Entitlements class action campaign went public via superclassaction.com.au, inviting affected members of Australian super funds to register their interest and check their eligibility.
One year after the OAIC and NZ Privacy Commissioner launched their joint investigation into Latitude, legal practitioners expressed frustration that no public report, determination or enforceable outcome had been released.
Australian, US and UK authorities linked a Russian cybercriminal to the Medibank hack, exposing the ransomware-for-hire model and resulting in targeted financial sanctions against the individual.
Law firms including Claimsplus Lawyers are assessing potential class action claims on behalf of affected Medibank customers for compensation relating to distress, privacy breach, and financial harm.
Claimsplus Lawyers formally appointed as plaintiff solicitors for the Super Insurance Entitlements Non-Disclosure matter, representing claimants across all affected superannuation funds.
The Australian Prudential Regulation Authority (APRA) issued updated guidance requiring superannuation funds to proactively notify members of all default insurance cover held within their accounts.
The ACCC filed proceedings in the Federal Court against Qantas alleging the airline engaged in false, misleading, or deceptive conduct by selling tickets on already-cancelled flights.
Latitude Financial disclosed $76 million in pre-tax costs related to the cyber incident in its half-year results, including system remediation, customer support, document replacement reimbursements and an overall $98 million net loss for the period.
Claimsplus Lawyers opened a formal investigation into widespread non-disclosure of default insurance cover inside Australian superannuation accounts, including life, TPD, and income protection policies.
APRA required Medibank to hold additional capital to cover operational risk following the 2022 cyber incident, citing weaknesses in information security controls identified during APRA's post-breach review.
The Office of the Australian Information Commissioner and the New Zealand Office of the Privacy Commissioner launched a joint investigation into Latitude Financial's handling of the data breach — the first-ever joint trans-Tasman privacy investigation.
The OAIC and New Zealand's Office of the Privacy Commissioner launched a joint compliance investigation — the first of its kind — into whether Latitude took reasonable steps to protect personal information and whether historic records should have been destroyed or de-identified.
Latitude Financial confirmed it received a ransom demand from the criminals but will not pay. CEO Bob Belan said this is consistent with the position of the Australian Government.
A forensic breakdown of the Latitude breach reveals attackers obtained employee login credentials through a third-party vendor and used them to access personal information from two of Latitude's service providers — a classic supply-chain intrusion.
A comprehensive technical and chronological breakdown of the Latitude Financial cyber incident: how attackers moved through the network, the escalating disclosure timeline, the refusal to pay ransom, and what 14 million affected individuals should do next.
Latitude Financial confirmed it received a ransom demand from cybercriminals but refused to pay, consistent with Australian Government guidance. The class action registration page explains options available to the 14 million people whose data was stolen.
The Australian Financial Complaints Authority opened a Current Matter for consumers wishing to lodge complaints about losses or harms arising from the Latitude Financial cyber-attack, providing a formal channel for financial redress.
The NSW Government released consumer guidance advising residents affected by the Latitude Financial breach on how to replace compromised identity documents including driver's licences and passports, and how to protect themselves from identity fraud.
Gordon Legal and Hayden Stephens and Associates announced they are investigating a potential legal action against Latitude Financial Services over the data breach.
The Office of the Australian Information Commissioner confirmed it was making preliminary inquiries into the Latitude Financial data breach and reminded organisations of their obligations under the Notifiable Data Breaches scheme.
The Medibank breach joined Optus and Latitude Financial in a series of major Australian data incidents that reshaped debates about Privacy Act penalties, corporate data retention limits, and mandatory cyber-risk governance frameworks.
Latitude Financial updated the market on 27 March 2023, confirming the breach affected approximately 14 million customers and applicants — including 7.9 million driver's licence numbers, 53,000 passport numbers and 6.1 million personal records.
Hayden Stephens & Associates, alongside Gordon Legal, opened a class action investigation into Latitude Financial's alleged failure to adequately protect the personal data of 14 million Australians and New Zealanders.
Gordon Legal and Hayden Stephens & Associates announced a joint investigation into potential class action proceedings against Latitude Financial over the mass theft of customer identity data, inviting affected individuals to register.
Latitude confirmed 7.9 million driver's licence numbers, 53,000 passport numbers, and 6.1 million customer records stolen — making it one of Australia's largest data breaches.
Latitude confirmed uncovering further evidence of large-scale information theft affecting customers (past and present) and applicants across Australia and New Zealand.
Latitude Financial warned customers that the data breach could be significantly larger than initially reported, with the hack remaining active.
Hackers breached Latitude Financial in March 2023, initially stealing around 300,000 customer records including driver's licences — an attack that would later be revealed as one of Australia's largest ever data breaches.
Latitude Financial (ASX: LFS) updated the Australian Stock Exchange that it had detected unusual activity on its systems, believed to have originated from a major vendor. Approximately 103,000 identification documents and 225,000 customer records were stolen.
The Office of the Australian Information Commissioner (OAIC) took action against Medibank under the Privacy Act 1988, following its 2022 data breach. The OAIC complaint concerns whether Medibank took reasonable steps to protect the personal and health information of approximately 9.7 million customers.
The attacker began releasing stolen data, including highly sensitive health-related information such as mental health records and pregnancy details, on dark web forums in staged releases.
Stolen Medibank customer data began appearing on the dark web after Medibank refused to pay a ransom, with customers warned to watch for scams and identity theft risks.
Medibank described the ransomware group's threat to release customer information as a distressing development after personal data of approximately 9.7 million current and former customers was accessed.
The attacker demanded payment in exchange for not releasing the stolen data. Medibank refused to pay the ransom, citing expert advice that paying would not guarantee data safety.
Medibank confirmed that customer data had been accessed, including personal information such as names, dates of birth, and contact details.
Medibank detected unusual activity on its network, later confirmed to be unauthorised access by a third party.
The Australian Competition and Consumer Commission began investigating Qantas over its handling of COVID-related refunds and credits, including allegations of misleading representations.
Qantas issued flight credits instead of cash refunds to customers whose flights were cancelled during the COVID-19 pandemic, affecting hundreds of thousands of passengers.
General Information Only
ClassActions.com.au publishes public class action, court, law firm and registry information for research and awareness.
Listings are informational and do not imply endorsement, outcome certainty, or legal advice.