New data breaches report published
06th Nov 2018
The Office of the Australia Information Commissioner (OAIC) released the latest quarterly report on the Notifiable Data Breaches Scheme on 1 November 2018.
It shows 245 data breaches were reported. Of those, 57% were from malicious or criminal attack, 37% were a result of human error and the remaining 6% were system faults. These figures are similar to what was reported in the last quarter.
Malicious or criminal attacks are deliberately crafted to exploit known vulnerabilities for financial or other gain. Attacks included cyber incidents such as phishing, malware, ransomware, brute-force and hacking, as well as social engineering or impersonation. The cyber incidents exploited vulnerabilities involving a human factor such as clicking on a phishing email or disclosing passwords.
The majority (89%) of the 245 data breaches this quarter involved ‘contact information’ such as home address, email address or phone number. This is different to ‘identity information’ which refers to information used to confirm an individual’s identity such as passport number, driver’s licence or other government identifiers.
The full report can be found here.
In summary, if you are suspicious of an email you receive, do not open it and call the sender to confirm that it has come from them.