Report reveals more mega-breaches affecting Aussies

Breach reports to OAIC grow significantly

Newly released figures reveal that millions of Australians are believed to have been affected by data breaches in the three months to 30 June.

For the second quarter running the Office of the Australian Information Commissioner’s report on the Notifiable Data Breaches (NDB) scheme has included a breach affecting “10,000,001 or more” people.

The OAIC report notes that the figure “reflects the number of individuals worldwide whose personal information was compromised in this data breach, not only individuals in Australia, as estimated by the notifying entity”.

During the quarter, Australian-based online design service Canva revealed details of a security breach that is estimated to have affected some 139 million users.

The latest NDB report also includes one breach affecting 250,001-500,000 individuals, and two affecting 100,000-500,000 people.

A high-profile breach revealed during the reporting period involved 19 years of Australian National University information relating to staff, students and visitors. ANU’s administration in June said it had been hacked by “sophisticated operator”.

The university said that data obtained during the breach included names, addresses, phone numbers, dates of birth, emergency contact details, Tax File Numbers, payroll information, bank account details, student academic records, and student academic transcripts.

The Australian Catholic University also in June revealed details of a smaller scale data breach.

In total the OAIC received 245 breach notifications during the quarter, compared to 215 in the prior quarter.

Two other data breaches known to have been identified during the reporting period include one affecting property valuer LandMark White and another affecting education services provider MEGT.

The OAIC said that during the period around a third of the data breaches reported to it involved compromised credentials.

“The fact that there is a human factor involved in so many cases demonstrates the need for staff training to increase awareness of cyber risks and to take the necessary precautions,” said Australian Information Commissioner and Privacy Commissioner Angelene Falk in a statement.

The majority – 62 per cent – of breaches related to malicious or criminal attacks, the OAIC report revealed.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags privacycyber securitydata breachesOffice of the Australian Information Commissioner (OAIC)security

More about AustraliaAustralian Catholic UniversityAustralian National University

Show Comments