OAIC data breach notification statistics ‘frightening’

12 April 2018

The Office of the Australian Information Commissioner (OAIC) has released its first quarterly report into notifiable data breaches, which shows 63 reported breaches since the scheme began on 22 February 2018.

 

That means in only its first 38 days, the scheme is averaging more than two notifications every business day.

 

Gerry Power, Emergence National Head of Sales, says the statistics are “frightening”.

 

OAIC’s figures show health service providers made the most notifications, at 15; followed by legal, accounting and management services, 10; finance, including superannuation, eight; education, six; and charities, four.

 

“These figures are consistent with Emergence claims data that show the accounting industry is a major target for cyber theft,” Gerry said.

 

Human error was responsible for 32 of the notifiable data breaches (NDB) reported; malicious or criminal attacks, 28; and two were system errors.

 

Gerry said the high rate of NDBs in only 38 days of the scheme’s operation highlighted the need for cyber insurance.

 

“Emergence’s cyber policy gives insureds 24/7 access to an incident response team of experts who understand the importance of immediately mitigating potential threats to insureds’ businesses.

 

“The Emergence solution also manages reporting data breaches to OAIC, any subsequent regulatory investigations, and costs associated with communicating data breaches to affected individuals,” Gerry said.

 

“A cyber insurance policy is part of every successful business’s risk management framework. Cyber insurance is not the first line of defence; it is designed to protect a business when its IT security, policies and procedures fail to stop an attack.”

 

Emergence is a pioneer of cyber cover in Australia and provides protection for SMEs through to ASX-listed entities. It is a cyber specialist, focusing all its efforts on risk management and fine tuning its policy to provide top-level protection.

 

Gerry warned the NDB scheme meant companies could not keep silent on data breaches and hope for the best because notification to OAIC was now mandatory.

 

Talk to your insurance broker about how Emergence Insurance can support your business in the event of a cyber attack.

 

Insurance brokers can obtain Emergence cyber quotations for clients by accessing the broker portal at www.emergenceinsurance.com.au.