Hackers stealing our data
CYBER criminals have stolen the private data of millions of Australians in the past year, with new figures revealing more than 800 breaches that could cause “serious harm”.
Passport numbers, bank details, credit card or tax file numbers, drivers’ licences, health information and contact details have been lost or stolen, with at least two breaches a day, Office of the Australian Information Commissioner figures show.
Up to 10 million people were exposed to serious harm in one data breach late last year, while 64 per cent of the 262 breaches in the December quarter were the result of “malicious or criminal attacks”.
Phishing, malware, ransomware and “brute-force” attacks were used by hackers, along with compromised or stolen credentials, social engineering or impersonation.
Rogue employees or an “insider threat” were responsible in 12 per cent of criminal data breach cases.
The number of data breaches in 2018 was seven times higher than in 2017, thanks to mandatory reporting being introduced in February.
But experts want the law reviewed, including considering fines if breached occurred through carelessness.
Digital security expert Troy Hunt, founder of the Have I Been Pwned? website, said a full review was needed, particularly of the 30-day period companies have to report, the requirement that there must be a risk of serious harm, and that mandatory reporting is required only of companies with turnovers of more than $3 million annually.