Notifiable Data Breaches July-September 2018

Notifiable Data Breaches July-September 2018 report released

The Office of the Australian Information Commissioner (OAIC) released its latest quarterly report on the Notifiable Data Breaches (NDB) scheme.

It shows 245 data breaches affecting personal information were notified to individuals and the OAIC between July and September 2018.

The quarterly statistics report on the NDB scheme indicates 57 per cent of incidents were caused by malicious or criminal attack, and 37 per cent resulted from human error.

Australian Information Commissioner and Privacy Commissioner Angelene Falk said training staff on how to identify and prevent privacy risks needs to be part of business as usual.

“Everyone who handles personal information in their work needs to understand how data breaches can occur so we can work together to prevent them,” Ms Falk said.

“Organisations and agencies need the right cyber security in place, but they also need to make sure work policies and processes support staff to protect personal information every day.”


The scheme commenced on 22 February 2018. The OAIC publishes quarterly statistical information about notifications received under the scheme to help the community, business and government understand its operation and the causes of data breaches.

Notifications to the OAIC from multiple entities relating to the same data breach are counted as a single notification in the report.

The OAIC has produced a Data breach preparation and response guide for agencies and private sector organisations with obligations under the Privacy Act. Guidance for individuals on what to do after a data breach notification is also available on our website at

Key Statistics

The Notifiable Data Breaches July–September 2018 report shows:
• 245 data breaches were notified to affected individuals and the Office of the Australian Information Commissioner, compared to 242 the previous quarter

◦ 57% were attributed to malicious or criminal attacks, compared to 59% the previous quarter
◦ 37% were attributed to human error, compared to 36% the previous quarter
◦ 6% were attributed to system faults, compared to 5% the previous quarter

• 63% involved the personal information of 100 or fewer individuals, compared to 61% the previous quarter
• The top five industry sectors to report breaches were: ◦Private health service providers: 45
◦ Finance: 35
◦ Legal, accounting and management services: 34
◦ Private education providers: 16
◦ Personal services: 13

How can a Cyber Insurance policy respond in the event of a cyber-attack?
A typical cyber insurance policy is designed to help you with both preventing breaches in the first place and dealing with them if and when they occur. Cyber insurance policies usually include the following:
  • The cost of restoring or recreating electronic data following a breach or leak
  • Forensic services to investigate a breach
  • PR coaching in the event a breach harms your business’s reputation
  • Assistance guarding against data breaches, hacking and employee error
  • Guidance on how to respond to a breach
  • Funds to cover the adverse financial effects related to a breach
  • Funds to cover any fines that might be payable following a breach
Which Cyber Insurance policy is right for you?

There is no such thing as an impenetrable system; this is why in today’s digital age Cyber Insurance is a must for your business to mitigate your exposure in the event of a cyber-attack.

Find out how little it costs to protect your business from the costs attached to a cyber-attack. You can obtain a Cyber Insurance quote online in a matter of minutes, click here to begin.

Contact CRM Brokers today, we will work with you to find the right policy that mitigates your potential exposure from this emerging risk,  call us on 1300 880 494.

Partnership with Stay Smart Online

CRM Brokers are proud partners of Stay Smart Online, an Australian Government initiative designed to help everyone understand the risks and simple steps we can take to protect our personal and financial information online.

Stay Smart Online also provide a free Alert Service to explain recent online threats and how they can be managed. Small business users are provided with easy to understand online safety and security information and solutions to help protect their online safety a privacy.

Sign up to the Alert Service

Stay Informed – Connect with us on LinkedIn
Important Notice

This article provides information rather than financial product or other advice. The content of this article, including any information contained in it, has been prepared without taking into account your objectives, financial situation or needs. You should consider the appropriateness of the information, taking these matters into account, before you act on any information. In particular, you should review the product disclosure statement for any product that the information relates to it before acquiring the product.

Information is current as at the date the article is written as specified within it but is subject to change. CRM Brokers make no representation as to the accuracy or completeness of the information. Various third parties have contributed to the production of this content. All information is subject to copyright and may not be reproduced without the prior written consent of CRM Brokers.