OAIC data breaches report

Written By Jon Wilton

Last week, the Office of the Australian Information Commissioner released their semi-annual Notifiable Data Breaches Report.  This report contains statistical information about Notifiable Data Breaches during the previous six months.  A data breach is considered to be notifiable if it has the potential to cause serious harm to an individual about whom data has been disclosed, and where this is the case there is a mandatory requirement that this is reported to the OAIC within 30 days.  Legal action may be taken against organisations or individuals who fail to report these breaches.

According to the report, data breaches are overwhelmingly the result of criminal activity (70%), and principally concern identity information (such as Dates of Birth, Names, Drivers Licence Number), contact information (phone number, email address) and financial information (bank account details, payroll, insurance, etc).  Where a data breach was the result of a cyber-security incident (42% of all breaches) the main methods of attack were Ransomware, Stolen Credentials, and Phishing.

These are the same major attack methods which have been at the top since this information was first compiled back in 2018.

The OAIC has also released the latest Australian Community Attitudes to Privacy Survey.  Critically it indicates that 82% of Australians care about protecting their personal information, but that 57% don’t know how to do this.  89% want more legislation to protect their personal information, and the same percentage want the right to seek financial compensation for breaches through the courts.  47% of respondents indicated that they would stop using a service if it was involved in a data breach.

Cyber Security is rapidly becoming a significant issue in the day to day lives of Australians, with breaches having potentially serious effects for both the people affected by them, and the organisations which are breached.  If you would like to know how you can protect your business, or how to respond to a data breach, CQ Cyber can help.

 

References:

OAIC Notifiable Data Breaches Report: https://www.oaic.gov.au/newsroom/ongoing-vigilance-in-data-protection-measures-essential

OAIC Australian Community Attitude to Privacy Survey: https://www.oaic.gov.au/engage-with-us/research-and-training-resources/research/australian-community-attitudes-to-privacy-survey/australian-community-attitudes-to-privacy-survey-2023

Jon Wilton
Previous

Development of a National Cyber Security Strategy
Next

Protecting your personal information