Australian organisations experienced nearly 500 notifiable data breaches in the back half of last year, a 26 percent increase on the first half and the highest figures since late 2020.
While the Office of the Australian Information Commissioner’s (OAIC’s) regular notifiable data breaches report for July to December 2022 isn’t out yet, a recent freedom of information request [pdf] reveals the numbers in advance.
It shows that notifiable data breaches grew from 393 in the first half of 2022 to 497 in the back half.
That puts figures against the narrative in cyber security that attacks on Australian organisations increased dramatically over the period, with high-profile breaches including Optus and Medibank, among others.
It’s also the highest number of notifiable data breaches since the period July to December 2020, according to the OAIC’s records.
The large number of breaches in the period led to a fast-tracking of privacy reforms – including much larger fines.
Broader changes to the Privacy Act are now being canvassed, as well as the potential for specific cyber security laws at the federal level – again, driven by the increase in high-profile data breaches over the period.
The FoI request is also notable because it provides a full breakdown of notifiable data breaches in 2022 by industry sub-sector.
This is important because the regular OAIC reports only break out numbers for the top five sectors in any reporting period.
As iTnews has previously reported, that makes it difficult to track trends in certain sectors, notably in the ‘Australian government’ category.
The figures show that Australian government agencies and departments notified 38 data breaches across 2022.
More than that, the FoI shows some worrying trends in certain sectors.
The insurance sector, for example, experienced eight notifiable breaches in the first quarter of 2022, growing to 12, 18 and then 24 across the next three quarters, a 200 percent increase across the year.
Legal, accounting and management services firms, as well as IT firms, also recorded a sharp rise in incidents.