Search
  • Avantia Threat Update

Fourfold increase in Notifiable Data Breaches

Updated: Aug 10, 2018



This week the Australian Government Information Commissioner released his report on Notifiable Data Breaches reported for the period 1st April, 2018 until 30th June, 2018 showing a X4 increase in reported breaches from his last report.



About this report

This report captures notifications received by the Office of the Australian Information Commissioner (OAIC) under the Notifiable Data Breaches (NDB) scheme between 1 April and 30 June 2018.


The OAIC publishes quarterly statistical information about notifications received under the NDB scheme, which commenced on 22 February 2018, to assist entities and the public to understand the operation of the scheme. The report uses the term ‘data breaches’ throughout to mean those data breaches received by the OAIC under the NDB scheme.


Where data breaches affect multiple entities, the OAIC may receive multiple notifications relating to the same data breach. Notifications to the OAIC relating to the same data breach incident are counted as a single notification in this report.

The source of any given data breach is based on information provided by the reporting entity. Where more than one source has been identified or is possible, the dominant or most likely source has been selected for statistical purposes. Sources of data breach categories are defined in the glossary at the end of this report. This report captures notifications received by the Office of the Australian Information Commissioner (OAIC) under the Notifiable Data Breaches (NDB) scheme between 1 April and 30 June 2018.


The OAIC publishes quarterly statistical information about notifications received under the NDB scheme, which commenced on 22 February 2018, to assist entities and the public to understand the operation of the scheme. The report uses the term ‘data breaches’ throughout to mean those data breaches received by the OAIC under the NDB scheme.

Where data breaches affect multiple entities, the OAIC may receive multiple notifications relating to the same data breach. Notifications to the OAIC relating to the same data breach incident are counted as a single notification in this report.


The source of any given data breach is based on information provided by the reporting entity. Where more than one source has been identified or is possible, the dominant or most likely source has been selected for statistical purposes. Sources of data breach categories are defined in the glossary at the end of this report.


Note: Data breaches may involve one or more kinds of personal information.

Table 1.B — Kinds of personal information involved in data breaches by percentage of notifications — All sectors Kinds of personal information

Contact information = 89%

Financial details = 42%

Identity information = 39%

Health information = 25%

Tax File Number = 19%

Other sensitive information = 8%

Malicious or criminal attacks were the largest source of data breaches this quarter, accounting for 59 per cent. Many cyber incidents in this quarter appear to have exploited vulnerabilities involving a human factor (such as clicking on a phishing email or disclosing passwords).


The largest source of attacks was cyber incidents (97 notifications) such as phishing, malware, ransomware, brute-force attack, compromised or stolen credentials and hacking by other means.


Theft of paperwork or storage devices was also a significant source of malicious or criminal attacks (31 notifications).

Other sources included social engineering or impersonation (7 notifications) and actions taken by a rogue employee or insider threat (7 notifications).


This chart breaks down the kinds of data breaches identified as ‘malicious or criminal attack — cyber incident’ in the quarter.



Consider this: When you think about Cyber Security think about the ones you care the most about – your family. If you have children or young adults using Smartphones, Tablets or Laptops consider their vulnerability. Do you want to put their digital selves in the hands of pedophiles, scammers and cyber criminals. The purchase of children’s digital credentials (username/password) is big business on the Dark Web. Check out our inexpensive Individual or Family monitoring service – it’s a ‘no brainer’ for your peace of mind. CLICK HERE FOR PRICING



Subscribe below to receive our weekly Threat Updates straight to your inbox.

Call (07) 3010 9711 

info@avantiacorp.com.au

 

Avantia Corporate Services Pty Ltd,                    Level 7, 320 Adelaide Street

Brisbane, Queensland 4000

AUSTRALIA.

  • LinkedIn Social Icon
  • Facebook Social Icon

DISCLAIMER*: Avantia Corporate Services Pty Ltd and Avantia Cyber Security provides the content in this publication to the reader for general information purposes only and has compiled the content from a number of sources in Australia, the USA, and up to 56 other countries who provide cyber breach and cybersecurity information to us in real-time. Given their international focus and experience in the cyberspace arena, we believe their data to be accurate and reliable, however, we give no warranty (implied or otherwise), as to the content's accuracy or fitness for use. No validation or investigation has been performed by Avantia Corporate Services or the Author as to its accuracy or reliability. Readers should conduct their own investigation and come to their own conclusions before taking any action.

*COPYRIGHT 2020* Avantia Corporate Services  PTY LTD - All Rights Reserved.

© 2020 by Avantia CORPORATE SERVICES . All Rights Reserved.