Data breach notifications rise again in Q4

By Dylan Bushell-Embling
Thursday, 07 February, 2019

Data breach notifications rise again in Q4

The number of data breach notifications filed with the Office of the Australian Information Commissioner increased again during the fourth quarter of calendar 2018 to 262.

The latest Notifiable Data Breaches Quarterly Statistics Report found that nearly two-thirds (64%) of data breaches recorded during the quarter were attributable to malicious or criminal attacks. A further 33% were blamed on human error, with 3% blamed on system faults.

Of the breaches attributed to malicious attacks, most involved breaches stemming from compromised credentials, such as phishing or brute force attacks.

Meanwhile, the number of notifications has now increased every quarter since the scheme commenced. Total notifications rose from 63 in the first quarter (with the scheme having commenced in late February) to 242 in the second quarter and 245 in the third.

The majority of data breaches (156 or 60%) affected between 1 and 100 individuals, with a further 63 affecting 101 to 1,000 individuals. One breach recorded during the quarter affected more than 1 million individuals.

Contact details were involved in 85% of cases reported to the OAIC, making it the most common type of compromised personal information. This was followed by financial details (47%), identity information (36%), health information (27%) and tax file numbers (18%).

Finally, the top five sectors to report breaches were private health service providers (54 reports), finance (40), legal, accounting and management services (23), private education providers (21) and mining and manufacturing (12).

“Preventing data breaches and improving cybersecurity must be a primary concern for any organisation entrusted with people’s personal information,” Australian Information Commissioner and Privacy Commissioner Angelene Falk said. Falk was appointed to the dual role in August.

“Employees need to be made aware of the common tricks used by cybercriminals to steal usernames and passwords. The OAIC works with the Australian Cyber Security Centre to provide prevention strategies for organisations, including regularly resetting and not re-using passwords.”

Image credit: ©

Please follow us and share on Twitter and Facebook. You can also subscribe for FREE to our weekly newsletter and quarterly magazine.

Related Articles

Privacy International urges Google to crack down on Android security

Privacy International has released a petition, calling on Google to help fight vulnerabilities in...

Microsoft patches serious PKI vulnerability

Microsoft has patched a PKI spoofing vulnerability considered so severe that the US NSA took the...

Best of 2019: Email providers' phishing nets have "big holes"

Across the festive season we'll be reprising some of our best articles from 2019. Today we...

  • All content Copyright © 2020 Westwick-Farrow Pty Ltd