Australia sees surge in data breaches, highest in over three years
Australia sees surge in data breaches, highest in over three years | Insurance Business Australia
Cyber
Australia sees surge in data breaches, highest in over three years
Report reveals most targeted sectors
Cyber
By
Roxanne Libatique
Australia has recorded its highest number of data breaches in over three years, according to the latest Notifiable Data Breaches report from the Office of the Australian Information Commissioner (OAIC).
Data breaches in Australia
Between January and June 2024, 527 data breaches were reported to the OAIC. This is a 9% rise from the previous six months, making it the largest figure since the latter half of 2020.
“Almost every day, my office is notified of data breaches where Australians are at likely risk of serious harm. This harm can range from an increase in scams and the risk of identity theft to emotional distress and even physical harm,” she said.
As in previous reports, malicious and criminal attacks were the primary cause of breaches, accounting for 67% of incidents, with 57% of those related to cyberattacks.
Health and government sectors led in the number of notifications, representing 19% and 12%, respectively.
OAIC expects higher level of accountability from organisations
Six years into the Notifiable Data Breaches scheme, the OAIC expects a higher level of accountability from businesses and government entities in securing personal information.
“The Notifiable Data Breaches scheme is now mature, and we are moving into a new era in which our expectations of entities are higher,” Kind said, adding that the OAIC’s enforcement actions make clear that organisations must treat personal data security as a priority.
The OAIC indicated that while it will continue to take a measured approach to enforcement, it will also provide guidance to help organisations understand their obligations under the scheme.
Privacy and Other Legislation Amendment Bill 2024
The release of the report comes as the Australian government pushes forward with the Privacy and Other Legislation Amendment Bill 2024, which seeks to enhance the OAIC’s enforcement powers.
If passed, the bill would introduce stiffer penalties for non-compliance and clarify security obligations under Australian Privacy Principle 11. Organisations would be required to implement more robust security measures, including data encryption and staff training, to mitigate risks.
The OAIC has endorsed these reforms but also called for further action in line with the government’s Privacy Act Review to bolster the Notifiable Data Breaches scheme and improve protections across the economy.
Increase in cyberattacks across Australia
The OAIC’s report mirrors a broader rise in cyberattacks across the country.
Regional cybersecurity trends
The rise in breaches reflects broader cybersecurity challenges faced across the Asia-Pacific region.
While 85% of cybersecurity executives in the Asia Pacific rated their defences as strong, 46% of companies had faced customer concerns over potential cybersecurity failures.
To address these concerns, 84% of companies in the region reported increasing their cybersecurity budgets, a figure that exceeds the global average of 76%.
However, many organisations are still struggling to quantify the effectiveness of their security programs, with a focus on breach numbers rather than operational metrics like response times or threat detection capabilities.
Related Stories
Keep up with the latest news and events
Join our mailing list, it’s free!
