Cyber Security
MediSecure hack that impacted 12.9 million Australians in April was the largest instance of data breach since the Notifiable Data Breaches scheme was launched in 2018. IBTimes UK

Australia has reportedly witnessed 527 data breaches between January and June 2024, which is the highest the country has recorded in three and half years.

The latest statistics from the Office of the Australian Information Commissioner (OAIC) revealed in the first six months of the year, there was a 9% increase in data breaches from the second half of 2023.

A breach is categorized as notifiable data loss when personal information is lost without permission, the loss causes serious harm to one or more people and the organization couldn't prevent the harm despite efforts to fix the issue.

The OAIC regularly shares data on breaches through the Notifiable Data Breaches scheme. The OAIC puts the MediSecure hack that impacted 12.9 million Australians in April as the largest instance of data breach since the Notifiable Data Breaches scheme was launched in 2018.

The health sector reported the highest number of data breaches with 19%, followed by the Australian government with 12%. Finance, education and retail were the other three sectors that reported the highest number of data breach cases.

"Almost every day, my office is notified of data breaches where Australians are at likely risk of serious harm. This harm can range from an increase in scams and the risk of identity theft to emotional distress and even physical harm," Australian Privacy Commissioner Carly Kind said. "Privacy and security measures are not keeping up with the threats facing Australians' personal information and addressing this must be a priority."

While malicious and criminal attacks were responsible for the most breaches, making up 67% of reported cases, cybersecurity incidents accounted for 57% of the data loss in 2023.

Meanwhile, the Australian government has introduced the Privacy and Other Legislation Amendment Bill 2024 aimed at strengthening the OAIC, 7News reported.

The bill empowers the OAIC to impose fines and issue infringement notices, in addition to security measures such as encrypting data, securing access to systems and facilities, and providing staff training.

"We would like to see all Australian organizations be required to build the highest levels of security into their operations to protect Australians' personal information to the maximum extent possible," Kind said.