Close
The scheme made it obligatory for organisations covered by the Australian Privacy Act (this includes all Australian government agencies, businesses and not-for-profit organisations with an annual turnover of $3 million or more), to notify certain breaches.
What is a personal information breach?
A personal information security breach refers to any unauthorised access or disclosure of the personal information your organisation holds. This also includes the loss of information that’s likely to lead to unauthorised access or disclosure.
Data Breaches: 12-Month Insights
The Office of the Australian Information Commissioner (OAIC) released the “Notifiable Data Breaches Scheme 12-month Insights Report” in May 2019.
Key Take-aways
• There were a total of 964 eligible data breaches during the 12 month period
• Of those 964 breaches, the source/cause of data breaches were Human Error (35%), Malicious or Criminal Attacks (60%) and System Faults (5%).
• 833 pieces of contact information, 433 financial details, 249 health details and 184 tax file numbers were disclosed through these breaches.
• The most common type of human error was personal information being sent to the wrong recipient via email
The average total cost per per data breach for Australian Businesses was $2.13M (USD)
