Nearly 40% of reported data breaches were due to human error, including emails being sent to the wrong person
Wednesday, August 1, 2018/
If shady hackers and cyber criminals in balaclavas are your biggest concern when it comes to cyber security, it might be time to look somewhere else for the cause of Australia’s data breaches, such as the mirror.
According to the latest Notifiable Data Breach report, which covers all breaches from April 1 to June 30, 36% of all reported data breaches were thanks to human error. In total, there were 305 reported data breaches over the quarter.
Australia’s mandatory Notifiable Data Breach legislation was introduced last year and enacted earlier in 2018. Companies with more than $3 million in annual revenue are now required to report any and all data breaches to the Privacy Commissioner and their customers, or face penalties of up to $1.7 million.
Sixty percent of breaches between April and June were due to genuine cyberattacks, such as phishing, malware, ransomware, brute-force attacks, or compromised or stolen credentials. A scattering of these were also due to stolen devices or paperwork, social engineering or “rogue employees”.
When it came to human error breaches, 22 of them were due to emails sent to the incorrect recipient, and a further 12 were due to information being unintentionally disclosed or released. Further incidents were also due to lost devices, failing to use BCC when sending an email, or insecure disposal.
Precisely one data breach was due to an unauthorised verbal disclosure of information.
However, despite the numerous data breaches, the number of customers affected was quite low. Just one breach affected between one million and 10 million customers and the vast majority (172) affected between two to 5,000 customers.
Fifty-one breaches were found to have affected just one single customer.
The health sector attracted the highest number of breaches at 49, with the finance sector following at 36 breaches. Of the 49 breaches in the health sector, 29 of them were due to human error.
|Passionate about the state of Australian small business? Join the Smarts Collective and be a part of the conversation.|
Social media mishaps: Why businesses should think twice before cracking jokes online Catriona Pollard CP Communications founder
An ‘opportunity-hunting’ generation: Here's what millennial workers need and want Karen Gately Corporate Dojo founder
Spilling the beans: Why inviting someone to 'grab a coffee' is disingenuous and unnecessary Sue Parker DARE Group founder
The 10 most unemployable job titles on LinkedIn Ian Whitworth Scene Change co-founder
How Emily McWaters manages her Sydney-based business from Kangaroo Island Emily McWaters The Hamper Emporium chief
Why 'Orwellian' performance monitoring is crucial to building an ethical company culture Michael Kodari Kodari Securities chief