The Office of the Privacy Commissioner has reported increased data breaches over the last year. There were 109 and 98 breaches for quarters one and two, respectively. The majority were caused by human error. However, there was an increase in cases with malicious intent.
Email errors and unauthorised sharing most commonly caused human error breaches. In contrast, malicious activity included phishing attacks, email system high jacking for spam or fraud and installing malware, including ransomware.
The industries with the most severe breaches were health care and social assistance, public administration and safety, services, education and training, and finance and insurance.
Businesses need to ensure they are active in cyber security and can report breaches to the Office of the Privacy Commissioner as early as possible.
“That means letting this Office know. We are the regulator, and we are here to help support and educate where appropriate. Sharing the learning from these incidents is one way we can help prevent or limit the impact of future cases,” said Michael Webster, Privacy Commissioner.
