Security blogs

Notifiable Data Breaches Report: July–December 2020

Notifications
539
Up 5%
Malicious or criminal attack
58%
Down 1% to 310
Human error
38%
Up 18% to 204
System fault
5%
No change
An alarming statistic from this report is the 18% increase in Human Error. People unintentionally causing a breach. Often these errors are due to inattention, distraction or simply not caring enough to pay diligent attention to detail.

(Comparisons are to the period from 1 January to 30 June 2020)

Key findings for the July to December 2020 reporting period:

  • 539 breaches were notified under the scheme, an increase of 5% from the 512 notifications received from January to June 2020.
  • Malicious or criminal attacks (including cyber incidents) remain the leading source of data breaches, accounting for 58% of notifications.
  • Data breaches resulting from human error accounted for 38% of notifications, up 18% from 173 notifications to 204.
  • The health sector remains the highest reporting industry sector, notifying 23% of all breaches, followed by finance, which notified 15% of all breaches.
  • The Australian Government entered the top 5 industry sectors to notify data breaches for the first time, notifying 6% of all breaches.
  • 68% of the data breaches affected companies with 100 individuals or fewer.
  • 78% of entities notified the OAIC within 30 days of becoming aware of an incident that was subsequently assessed to be an eligible data breach.

Chart 1 – Data breach notifications under the NDB scheme

Download the full report for more information about the source of breaches, kinds of personal information involved, and top industry sectors to notify breaches. If you would like this report in an accessible format, please contact us.

Scroll Up