Over 800 businesses hit by data breaches in 2018, including lost USB drives and fax machine fumbles
Friday, February 8, 2019/
Australian businesses are still consistently falling prey to malicious attacks by cyber criminals, with new data from the Information Commissioner revealing 262 data breaches occurred between October and December last year.
This marks nearly one full year of Australia’s Notifiable Data Breach scheme, which requires companies with turnovers of $3 million or more to report any data breaches of customer data to the Office of the Australian Information Commissioner (OAIC) and to any affected customers.
Since coming into effect in late-February 2018, over 800 data breaches have been reported to the OAIC, though the majority of those were small, affecting fewer than 100 people.
In the last quarter’s results, the OAIC revealed the leading cause of business data breaches were malicious or criminal attacks (64%) followed by human error (32%). Of these breaches caused by malicious attacks, the main incidents involved compromised credentials or brute-force attacks.
Again, the health service sector was the largest contributor to the spate of data breaches over the quarter, making up 54 of the 262. Following was the finance sector, legal sector and private education providers.
In the OAIC’s breakdown of the breaches, some amusing causes for breaches were uncovered, including two counts of faxes being sent to the wrong person, and nine counts of failure to use BCC when sending an email. Twelve counts of lost storage devices were reported.
“Preventing data breaches and improving cyber security must be a primary concern for any organisation entrusted with people’s personal information,” Australian Information Commissioner and Privacy commissioner Angelene Falk said in a statement.
“Employees need to be made aware of the common tricks used by cyber criminals to steal usernames and passwords. If a data breach occurs, early notification can help anyone who is affected take action to prevent harm.”
“By changing passwords, checking your credit report, and looking out for scams using your personal information, you can help minimise the harm that can result from a data breach.”
Amantha Imber runs a successful business — but she still has impostor syndrome Amantha Imber Inventium founder
Social media isn't about numbers, it's about connection Carlii Lyon Carlii Lyon PR founder
"My early decisions were rooted in fear": How good hires can set small business owners free Nancy Youssef Classic Finance founder
"No staff turnover": Business success hinges on a thriving company culture David Fazio Mate co-founder
Five ways to mentally prepare for the brutal capital-raising process Stacey Fisher Minnow Designs co-owner
In the age of online shopping, it's retail staff that make or break businesses Cal Doggett Properties & Pathways director