Data breaches hit all-time high — Capital Brief

The news: Last year saw the highest annual rate of data breaches on record, according to the latest figures by the national privacy watchdog.

The numbers: The Office of the Australian Information Commissioner (OAIC) received 1,113 data breach notifications from businesses and government agencies last year, a 25% increase on the previous year, and the highest since the notifiable data breach scheme commenced in 2018.

During the second half of 2024, 595 data breaches were reported under the notifiable data breach scheme, a 15% increase on the first half of the year. The health industry and the Australian Government continued to account for the most notifications at 20% and 17% respectively.

The top industries reporting data breaches also included finance, legal, accounting, and management services, and retail.

The most common cause of a data breach in the second half of the year was malicious or criminal attack, accounting for 69% of breaches, of which 61% were cyber incidences.

The context: The notifiable data breach scheme requires organisations to report incidences to the OAIC that are likely to result in serious harm to one or more individual. This includes when personal information is lost or stolen or the organisation has not been able to prevent the likely risk of serious harm with remedial action.