The Office of Australian Information Commissioner (OAIC) has released their report for data breaches covering the first quarter of 2018. This report was of great interest as the results are the first released since the Mandatory Data Breach Scheme came into effect on 22nd February 2018.
There were 63 breaches notified in the first six weeks. The key statistics from the report were as follows:
Top 5 Industry Sectors to Record Data Breaches
- Health Service Providers** – 15 breaches
- Legal, Accounting & Management services – 10 breaches
- Finance (incl – Superannuation) – 8 breaches
- Education – 6 breaches
- Charities – 4 breaches
** A health service provider includes any organisation that provides a health service and holds health information.
Kinds of Personal Information Involved
- Contact Information – Name, Address, Phone Number &/or Email Address – 78%
- Financial – Credit Card &/or Bank Account Details – 30%
- Health Information – 33%
- Identity Information – Driver’s License &/or Passport Details – 24%
- Tax File Numbers – 14%
- Other Sensitive Information – 2%
Source of the Data Breaches
- Human Error – Inadvertent Supply of Information- 32 Breaches
- Malicious or Criminal Attack – Unauthorised Access of Information- 28 Breaches
- System Fault – 2 Breaches
- Other – 1 Breach
Number of People Affected in Data Breaches
- 1 Person – 20 Breaches
- 2-9 People – 17 Breaches
- 100 – 999 People – 11 Breaches
- 10 – 99 People – 9 Breaches
- 1,000 – 9,999 People – 3 Breaches
- 10,000 – 99,999 People – 3 Breaches
To view the full first quarter 2018, please visit OAIC’s report.
As this was the first report released and only covered a portion of the period, future reports will provide much clearer data. As it stands, a large portion of breaches that occurred in the first six weeks only affected less than 10 people per incident (59%) and occurred due to human error (51%)
We will continue to provide updates each quarter. To read more about how to prepare your business against data breaches, please check out our page here.
Comments are closed.