The Office of the Australian Information Commissioner has published its Notifiable data breaches report July to December 2024.

In the half year, the highest number of reports came from health providers (121) followed by government (100), finance (54), legal and accounting (36), and retail (34).

Malicious or criminal attacks remained the largest source of data breaches (69%, 404 notifications), with cyber security incidents accounting for the majority of breaches of this kind. Phishing was the leading cause of notified cyber incidents, comprising 34% of breaches. It was followed by ransomware at 24%.

Most reported breaches affected less than 5,000 people each, but two were reported to affect between 500,000 and 1 million people. Most personal information in the breaches was contact information, identity data or financial or health information.

If you found this article helpful, then subscribe to our news emails to keep up to date and look at our video courses for in-depth training. Use the search box at the top right of this page or the categories list on the right hand side of this page to check for other articles on the same or related matters.

Author: David Jacobson
Principal, Bright Corporate Law
Email:
About David Jacobson
The information contained in this article is not legal advice. It is not to be relied upon as a full statement of the law. You should seek professional advice for your specific needs and circumstances before acting or relying on any of the content.