The Privacy Commissioner has said in a statement that he will look into whether the practices of AAPT and Melbourne IT were consistent with the Privacy Act at the time of Anonymous' attack.
Anonymous stole AAPT's data last month via a vulnerability on Melbourne IT's systems. The group later began releasing data from a 40GB cache, which AAPT has said only contains historical, not current information.
At the time that the attack was announced, Melbourne IT told ZDNet that it had chosen not to involve the Privacy Commissioner, as it did not know if the data contained any personal information. It said that since the data did not belong to it, it was not permitted to view its contents.
The Privacy Commissioner also told ZDNet that, at the time, AAPT had not informed it of the theft of data and would contact the telco for a response.