You’d be a rare Australian not to have been affected by a data breach this year.
At the very least, you will have heard about the series of attacks that seem to have no end, and each one seems worse than the last.
According to figures released by security experts Surfshark, data breaches soared by 488 per cent for the quarter ending September 2022 – from about 320,000 to almost 1.9 million.
Read: Common scams and how to avoid them
According to The New Daily, an average of 22 accounts are being hacked every minute.
It says 7387 accounts were hacked per 100,000 Australians – giving us the dubious title of most hacked country in the world.
Next up were Russia (2568 hacks per 100,000 residents) and Turkey (2421 hacks per 100,000 residents).
The figures represent a massive turnaround for Australia, which tracked its data breaches as falling by 39 per cent in the previous two quarters.
“Globally, data breaches have gone down by 70.8 per cent from October to November,” said Surfshark lead researcher Agneska Sablovskaja.
“In Australia however, data breaches have surged by 1550 per cent, from 107,659 in October to 1,776,065 in November.”
Read: How to spot a fake review, before it ruins your Christmas shopping
The massive increase is being driven by hacks to large businesses such as Medibank and Optus.
Other companies and organisations to be hacked in 2022 include the Australian Federal Police, Woolworths, North Face, Uber and WA Health.
According to the Office of the Australian Information Commissioner (OAIC), health service providers made the most breach notifications, notifying the agency of 79 breaches for the period January to June 2022, followed by financial institutions with 52 notifications.
In light of the recent massive data hacks, the federal government is reviewing the Privacy Act. It will be considering tougher penalties for data breaches and re-examining limits on the volume of data organisations can access or keep. The act was introduced in 1988.
So what exactly is a data breach?
The OAIC defines a data breach as an event when personal information is accessed, disclosed without authorisation or lost. It can be an accident or a deliberate attack, however the OAIC estimates 63 per cent of the incidents in Australia are the result of malicious or criminal attacks.
Read: Why you need to be careful donating to charity this year
The OAIC also claims that 33 per cent of data breaches are due to human error, such as emailing information to the wrong recipient and unintended release or publication of data.
Under Australian law, victims must be told if the data breach is likely to cause harm.
What can you do?
If have been notified of a data breach, the OAIC recommends the following actions:
- If your contact information has been breached, you should immediately change your email account passwords, enable multi-factor authentication if possible, take care with any suspicious emails or phone calls and do not share any personal information until you are certain you know who you are sharing it with.
- For financial breaches, you should change your online banking passwords and banking PIN, check your account statements and request a copy of your credit report to see if it includes any unauthorised loans or applications.
- For any government-issued identity documents such as driver’s licence or passport, contact the issuing agency.
- For tax-related information, contact the Australian Tax Office, which can monitor any unusual or suspicious activity with your tax file number.
If you believe you are the victim of a breach but have not been informed by the group holding your data, you can complain to the OAIC here.
Have you been affected by a data breach? What did you do to protect your online data? Why not share your suggestions in the comments section below?