iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
The Office of the Australian Information Commissioner has released its latest Notifiable Data Breaches Report – and the news is not good.
The number of data breaches reported to the Office of the Australian Information Commissioner (OAIC) has increased to a three-and-a-half-year high during the first half of 2024.
The OAIC received reports of 527 distinct data breaches between January and June 2024, a 9 per cent increase over the previous six-month period and the highest number reported since the last half of 2020.
According to the OAIC’s Notifiable Data Breaches Report, the sectors that reported the most breaches were health and government, with each reporting 19 and 12 per cent of all breaches, respectively.
The OAIC called out the Medisecure data breach in May as being particularly impactful, with 12.9 million Australians caught up in the breach – the largest single breach since the Notifiable Data Breaches came into being.
Despite that, the majority of breaches impacted 100 people or less.
Sixty-seven per cent of all breaches were caused by “malicious and criminal attacks”, much the same as in previous years.
Australian privacy commissioner Carly Kind said the OAIC continues to have high expectations of Australian organisations.
“The Notifiable Data Breaches scheme is now mature, and we are moving into a new era in which our expectations of entities are higher,” Kind said in a statement.
“Our recent enforcement action, including against Medibank and Australian Clinical Labs, should send a strong message that keeping personal information secure and meeting the requirements of the scheme when a data breach occurs must be priorities for organisations.
“Our priority is ensuring compliance with the law, and we will help organisations achieve this through education and articulating what ‘good’ looks like.”
Kind also noted the growing scale of the threat.
“Almost every day, my office is notified of data breaches where Australians are at likely risk of serious harm. This harm can range from an increase in scams and the risk of identity theft to emotional distress and even physical harm,” Kind said.
“Privacy and security measures are not keeping up with the threats facing Australians’ personal information, and addressing this must be a priority.”
Kind also responded to the Privacy and Other Legislation Amendment Bill 2024. The OAIC welcomes the bill but contends that further reform is necessary.
“We would like to see all Australian organisations be required to build the highest levels of security into their operations to protect Australians’ personal information to the maximum extent possible,” Kind said.
You can read the full Notifiable Data Breaches Report: January to June 2024 here.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
