The Office of the Australian Information Commissioner (OAIC) have just released a report of data breach notifications made between January to June 2023. According to the report, the number of data breach notification decreased by 16% down to 409 notifications. The top sectors to notify data breaches were Health service providers, financial services and recruitment agencies. 63% of the data breaches affected fewer than 100 people and the main source of data breaches were Malicious or criminal attack, followed by human error. For data breaches due to malicious or criminal attacks, 27% were from social engineering, 7% were insider threat and 7% were due to theft of paperwork or data storage device. And for human error, 46% was due to Personal Information being sent via email to the wrong recipient. As for time taken for breaches to be identified, 78% were identified within 30 days and 6% were identified after 12 months. The OAIC publishes twice-yearly reports on notifications received to track the leading sources of data breaches and highlight emerging issues and areas for ongoing attention.
This segment was created for the It’s 5:05 podcast