Australian firms reported 464 data breaches in second half of 2021
Malicious or criminal attacks remain the leading source of incidents, accounting for 55% of the total
The Office of the Australian Information Commissioner (OAIC) periodically publishes statistical information about notifications released under its Notifiable Data Breaches (NDB) scheme to help improve consumer protection and drive better security standards for protecting personal information.
The OAIC published its analysis for the second half of 2021, which revealed that it received 464 notifications during the reporting period, compared to 436 during the first half of the year.
It also found that malicious or criminal attacks remain the leading source of the breaches, accounting for 256 notifications (55% of the total), down 9% in number from the previous half of the year.
Data breaches resulting from human error accounted for 190 notifications (41%). The health sector was also the highest reporting industry sector, notifying 18% of all breaches, followed by finance at 12%.
The most common type of personal information involved in the breaches was contact information. 96% of the breaches affected 5,000 individuals or fewer, while 71% affected 100 people or fewer.
Australian information commissioner and privacy commissioner Angelene Falk said that the NDP scheme was well established after four years of operation.
Minimising downtime risk with resilient edge computing
Add value with on-premise edge computingFree Download
“The scheme is now mature and we expect organisations to have accountability measures in place to ensure full compliance with its requirements,” she said. “If organisations wish to build trust with customers, then it is essential they use best practice to minimise data breaches and, when they do occur, they put individuals at the centre of their response.”
However, the OAIC found that some organisations are falling short of the scheme’s assessment and notification requirements. Falk said one of its key objectives is to protect individuals by helping them to respond quickly to a data breach to minimise the risk of harm. Delays in assessment and notification reduce the opportunities for an individual to take steps to protect themselves from harm, said Falk.
Last week, the New South Wales (NSW) government admitted to a data breach that saw over 500,000 addresses leaked through a government website. Locations were collected by the NSW Customer Services Department through a QR code registration system before being made public through a government website. Locations included defence sites, missile maintenance sites, and domestic violence shelters.
The state of Salesforce: Future of business
Three articles that look forward into the changing state of Salesforce and the future of businessFree Download
The mighty struggle to migrate SAP to the cloud may be over
A simplified and unified approach to delivering Enterprise Transformation in the cloudFree Download
The business value of the transformative mainframe
Modernising on the mainframeFree Download
The Total Economic Impact™ Of IBM FlashSystem
Cost savings and business benefits enabled by FlashSystemFree Download