The Office of the Australian Information Commissioner has launched the Notifiable Data Breach statistics dashboard, an interactive resource that enables the Australian community to access, analyse and benchmark data received under the Notifiable Data Breaches (NDB) scheme since its commencement in 2018.

The dashboard displays the volume of data breaches reported to the OAIC, the number of people affected, causes and sectoral trends, and will be updated every six months.

In the January–June 2025 reporting period, OAIC received 532 data breach notifications.

Malicious or criminal attacks remained the largest source of data breaches (59%, at 308 notifications). Cyber security incidents continue to be the predominant source of breaches of this kind.

The health sector had the most reported data breaches (18% of reported data breaches) with the finance sector reporting the second greatest number (14%), followed by Australian Government agencies (13%).

This reporting period saw a significant increase in data breaches caused by human error, accounting for 37% of all data breaches (193 notifications). This shows that the human factor continues to pose a notable threat to the strength of an organisation’s personal information security, regardless of how secure its systems are.

The OAIC has also published a case study on outsourcing to third-party service providers.

If you found this article helpful, then subscribe to our news emails to keep up to date and look at our video courses for in-depth training. Use the search box at the top right of this page or the categories list on the right hand side of this page to check for other articles on the same or related matters.

Author: David Jacobson
Principal, Bright Corporate Law
Email:
About David Jacobson
The information contained in this article is not legal advice. It is not to be relied upon as a full statement of the law. You should seek professional advice for your specific needs and circumstances before acting or relying on any of the content.