May 15, 2021

Volume XI, Number 135


May 14, 2021

Subscribe to Latest Legal News and Analysis

May 13, 2021

Subscribe to Latest Legal News and Analysis

Cyber Criminals “King of The (Data Breach) Jungle”: 61% of All Data Breaches Caused by Malicious or Criminal Attacks, According to Oaic Report

The Office of the Australian Information Commissioner (OAIC) has released its report on notifications received under the Notifiable Data Breaches scheme for period January to June 2020.

The OAIC reported 518 breaches were notified to it in the relevant period. The OAIC noted a 3% decrease from the 532 breaches notified in the period July 2019 to December 2019. However, there was a 16% increase on the 447 notifications received during January to June 2019.

The Report noted that malicious or criminal attacks, being attacks deliberately crafted to exploit known vulnerabilities for gain, accounted for 317 (61%) of the 518 total breaches during the relevant period. The majority of these “cyber incidents” were linked to malicious actors gaining access to accounts through:

  • phishing attacks or by using compromised account details (133 notifications)

  • ransomware attacks (33 notifications), and

  • hacking (29 notifications) representing additional methods used by perpetrators. 

It is interesting to see the OAIC saw an uptick in data breaches resulting from malicious actors. Since the outbreak of COVID-19, we are seeing a range of COVID-19 related scams and criminal activity, including an increase in ransomware attacks Organisations should continue to remain vigilant against malicious cyber activity by adopting technical and non-technical risk mitigations, such as running staff training, implementing two factor authentication, regularly backing up data, reviewing information security practices and data breach planning and response procedures.

Copyright 2021 K & L GatesNational Law Review, Volume X, Number 224



About this Author

Cameron Abbott, Technology, Attorney, Australia, corporate, KL Gates Law Firm

Mr. Abbott is a corporate lawyer who focuses on technology, telecommunications and broadcasting transactions. He assists corporations and vendors in managing their technology requirements and contracts, particularly large outsourcing and technology procurements issues including licensing terms for SAP and Oracle and major system integration transactions.

Mr. Abbott partners with his clients to ensure market leading solutions are implemented in to their businesses. He concentrates on managing and negotiating complex technology solutions, which...

Keely O'Dowd, K&L Gates, attorney, Melbourne

Ms. O'Dowd is an experienced lawyer with a focus on technology and sourcing projects. She advises on a broad range of technology transactions, including procurement, outsourcing and software licensing. This work includes drafting and advising on a range of IT procurement and supply agreements. Ms. O'Dowd advises a range of corporations on privacy and cybersecurity.

Max Evans Lawyer technology matters, Software as a Service Agreements SaaS Sydney

Mr. Evans is a corporate and transactional lawyer with a focus on information technology and outsourcing. He provides assistance on a broad range of technology matters, including Software as a Service Agreements (SaaS), terms and conditions for software products and platforms as well as software procurement and outsourcing projects. Mr. Evans also provides assistance with technology and privacy aspects of mergers and acquisitions transactions.

Professional Background

Prior to joining K&L Gates, Mr. Evans worked in the insolvency and bankruptcy practice of...