16th Feb 2019

D

Data security breaches on the rise

16th Feb 2019

The number of data security breaches is increasing, according to the latest report from the Office of the Australian Information Commissioner.

There were 262 data security breaches involving personal information in Australia from October to December 2018. This compares with 245 breaches reported in the previous quarter.

The report goes on to say that cyber attack, human error and system error are the top three reasons that Australian businesses are having to deal with the often long-lasting effects of data security breaches.

Affected companies underperforming

The impact of these breaches is felt not only in immediate financial terms. When customers’ trust is broken, it is not long before they turn elsewhere and they can be almost impossible to win back.

As well as disrupting day-to-day operations and diverting resources, data breaches tend to have a long-term negative impact on stock prices, according to UK company Comparitech. Their research found that stocks from 28 companies that suffered large breaches underperformed on the stock market.

Cyber attack

The leading causes of Australian data security breaches in the last quarter of 2018 were: malicious or criminal attack (168 notifications, 64%), human error (85 notifications, 33%) and system error (9 notifications, 3%).

Data breaches resulting from a malicious or criminal attack are on the increase as compared with the previous quarter.

Most of these attacks involved cyber incidents stemming from compromised credentials (usernames and passwords), with phishing and brute-force attacks increasingly common.

“Preventing data breaches and improving cyber security must be a primary concern for any organisation entrusted with people’s personal information” – Angelene Falk, Australian Information Commissioner and Privacy Commissioner

Australian Information Commissioner and Privacy Commissioner Angelene Falk reinforced the need for organisations and individuals to secure personal information by safeguarding credentials.

“Preventing data breaches and improving cyber security must be a primary concern for any organisation entrusted with people’s personal information,” Ms Falk said.

“Employees need to be made aware of the common tricks used by cyber criminals to steal usernames and passwords.”

Health and finance under attack

Private health service providers and finance were the top two sectors affected by data breaches in the last quarter of 2018.

Also high on the list were legal, accounting and management services, private education providers and mining and manufacturing.

Highest standard of data security in Australia

Working with a number of Australia’s largest financial bodies, mmw3degrees holds PCI DSS (Payment Card Industry Data Security Standard) certification. This is the highest standard of data security in Australia, as used by banks and other major financial institutions.

This level of compliance is rare among marketing services providers. We are proud to be able to provide our customers with a standard of security that few others can offer. Successfully participating in more than six Information Security and Risk audits per year, we are always ahead of changes to regulations and compliance, so we can communicate to our clients in advance and assist with change management.

Read more about our data services here, or simply contact us for more information.

For the full OAIC Notifiable Data Breaches quarterly report please see https://www.oaic.gov.au/media-and-speeches/news/notifiable-data-breaches-for-october-december-2018