If shady hackers and cyber criminals in balaclavas are your biggest concern when it comes to cyber security, it might be time to look somewhere else for the cause of Australia’s data breaches, such as the mirror.
According to the latest Notifiable Data Breach report, which covers all breaches from April 1 to June 30, 36% of all reported data breaches were thanks to human error. In total, there were 305 reported data breaches over the quarter.
Australia’s mandatory Notifiable Data Breach legislation was introduced last year and enacted earlier in 2018. Companies with more than $3 million in annual revenue are now required to report any and all data breaches to the Privacy Commissioner and their customers, or face penalties of up to $1.7 million.
Sixty percent of breaches between April and June were due to genuine cyberattacks, such as phishing, malware, ransomware, brute-force attacks, or compromised or stolen credentials. A scattering of these were also due to stolen devices or paperwork, social engineering or “rogue employees”.
When it came to human error breaches, 22 of them were due to emails sent to the incorrect recipient, and a further 12 were due to information being unintentionally disclosed or released. Further incidents were also due to lost devices, failing to use BCC when sending an email, or insecure disposal.
Precisely one data breach was due to an unauthorised verbal disclosure of information.
However, despite the numerous data breaches, the number of customers affected was quite low. Just one breach affected between one million and 10 million customers and the vast majority (172) affected between two to 5,000 customers.
Fifty-one breaches were found to have affected just one single customer.
The health sector attracted the highest number of breaches at 49, with the finance sector following at 36 breaches. Of the 49 breaches in the health sector, 29 of them were due to human error.
NOW READ: Mandatory data breach reporting comes in tomorrow: Here’s what your business needs to know
Passionate about the state of Australian small business? Join the Smarts Collective and be a part of the conversation. |
COMMENTS
SmartCompany is committed to hosting lively discussions. Help us keep the conversation useful, interesting and welcoming. We aim to publish comments quickly in the interest of promoting robust conversation, but we’re a small team and we deploy filters to protect against legal risk. Occasionally your comment may be held up while it is being reviewed, but we’re working as fast as we can to keep the conversation rolling.
The SmartCompany comment section is members-only content. Please subscribe to leave a comment.
The SmartCompany comment section is members-only content. Please login to leave a comment.