Data breach notifications have reached a three-year peak, according to the Office of the Australian Information Commissioner (OAIC)
The Australian Government has introduced a new bill aimed at bolstering the nation's privacy framework, as the Office of the Australian Information Commissioner (OAIC) reports a surge in data breaches. According to the OAIC, the first six months of 2024 saw 527 data breaches reported, marking a 9% increase from the second half of 2023. This is the highest number of notifications since the July to December 2020 period.
The data breaches were primarily due to malicious and criminal attacks, which accounted for 67% of all incidents. This finding underscores the growing threat to Australians' personal information, a concern echoed by Australian Privacy Commissioner Carly Kind. Commissioner Kind stated, 'Privacy and security measures are not keeping up with the threats facing Australians' personal information.' She further emphasised that the high number of data breaches is evidence of significant threats to Australians' privacy.
The MediSecure data breach affected approximately 12.9 million Australians, which remains the largest number of Australians affected by a breach since the Notifiable Data Breaches scheme came into effect. Six years after the launch of the scheme, the OAIC has high expectations of organisations.
The Commissioner welcomes the measures contained in the Privacy and Other Legislation Amendment Bill 2024 as an important step in fortifying Australia's privacy framework. The Bill aims to strengthen the OAIC's enforcement toolkit, including an enhanced civil penalty regime and infringement notice powers. The OAIC will continue to take a proportionate approach to enforcement and provide guidance to help organisations comply with their obligations. The Bill also clarifies the scope of existing security obligations by amending Australian Privacy Principle 11 to require organisations to implement technical and organisational measures to address information security risks.
Further reform consistent with the Australian Government's response to the Privacy Act Review is still required to enhance security across the economy and bolster the Notifiable Data Breaches scheme. Commissioner Kind expresses a desire for all Australian organisations to be required to build the highest levels of security into their operations to protect Australians' personal information to the maximum extent possible. The high number of data breaches highlights that both the private and public sectors are vulnerable.
While the organisations with the highest number of reported data privacy violations in the first six months of 2024 have not been explicitly listed, businesses in Germany with at least 10 employees and an annual turnover of one million euros or more reported a significant proportion of digital data theft or espionage incidents, with 46 percent experiencing such attacks in the previous year.
As the fight against data breaches continues, the new legislation and the OAIC's enforcement actions serve as a strong reminder to organisations about the importance of data security and compliance. Commissioner Kind's recent enforcement actions against Medibank and Australian Clinical Labs should send a clear message to all organisations about the need for robust data protection measures.