The Office of the Australian Information Commissioner (OAIC) released its Notifiable Data Breaches (NDB) Report for July to December 2023, providing valuable insights into the state of data security and privacy in Australia. The report highlights the persistent challenges faced by organisations in safeguarding sensitive information and underscores the importance of robust data protection measures.
Key findings from the report include:
- 483 breaches were notified, up 19% from 407 breaches in January to June 2023
- Malicious or criminal attacks remained the leading cause (67%) of data breaches
- The health and finance sectors remained the top reporters of data breaches. Health reported 104 breaches (22% of all notifications) and finance 49 breaches (10%)
- The majority of breaches (65%) affected 100 or fewer people
- In addition to the 483 primary notifications, the OAIC received 121 secondary notifications, a significant increase from 29 secondary notifications in January to June 2023
The report also called upon the need for a stronger regulatory approach to data compliance. The majority of these data breaches resulted from a third-party cloud provider or similar related software service providers. Compromised personal information included contact information, identity details, health information, financial information, and tax file numbers. As such, the report emphasised the risk of outsourcing personal information data handling and the need for the security of personal information to be a top regulatory priority.
For a full reading of the report, see here.