27 May 2026

Australian Courts impacted by data breach involving transcription provider

The recent Australian court transcription breach has exposed the growing risks of poor third-party information governance, highlighting why strong oversight of sensitive data is more critical than ever.

A major court transcription and privacy breach has raised fresh concerns about information governance, data security, and outsourcing practices across Australia’s legal system. An investigation involving the Federal Circuit and Family Court of Australia and the Federal Court of Australia has revealed that sensitive court files were potentially accessed offshore without authorisation, prompting scrutiny during Senate estimates hearings.

At least 146 court matters are believed to have been impacted by the breach involving transcription provider VIQ Solutions, which had subcontracted transcription work to an offshore company in Chennai, India, reportedly without notifying the courts and in breach of Commonwealth contractual obligations. The matter has since escalated into a formal complaint with the Canadian privacy commissioner, while the Attorney-General’s Department confirmed it contacted the Australian Cyber Security Centre after becoming aware of the incident.

During Senate estimates, Federal Circuit and Family Court CEO and Principal Registrar David Pringle acknowledged the courts had struggled to obtain accurate information from VIQ Solutions regarding the scale of the breach. He also confirmed affected litigants had not yet been notified, citing concerns around causing additional distress.

The issue has reignited debate around the risks associated with outsourcing sensitive information handling and the importance of strong contractual oversight, information governance, and compliance monitoring. Senator David Shoebridge described the situation as an “unravelling scandal” and questioned the transparency and due diligence surrounding the management of the contract.

Compounding concerns, the Federal Court quietly extended its contract with VIQ Solutions by $5.3 million despite the company entering voluntary administration earlier this year. Additional scrutiny was also directed at administrative errors in procurement reporting, including incorrect supplier details and contract dates listed on AusTender.

For records and information management professionals, the incident serves as a significant reminder that information governance obligations extend well beyond internal systems. Organisations must ensure third-party suppliers handling sensitive information are subject to rigorous oversight, contractual compliance requirements, and ongoing monitoring. The case also highlights the broader risks of retaining and transferring highly sensitive information without appropriate governance controls, particularly where privacy, legal privilege, and public trust are involved.

Click here to read full report published on ABC News Website

Return to listing