The OAIC’s Notifiable Data Breaches Quarterly Statistics Report for October found that the finance industry reported 35 data breaches in the third quarter of 2018, second only to the health services sector, which had 45 breaches.
Next was legal, accounting and management services with 34 breaches, while education and personal services rounded out the top five with 16 and 13 breaches, respectively.
Of the finance sector’s 35 breaches, 48 per cent (17) of them were due to human error, 46 per cent (16) were due to malicious or criminal attack and the remaining 6 per cent (two) were due to system faults.
Most notifications (74 per cent) in the period from the finance sector involved the personal information of 100 individuals or fewer, the OAIC found.
Breaches impacting between one and 10 individuals comprised 54 per cent of the notifications. Meanwhile, 26 per cent of notifications from the finance sector affected more than 100 individuals.
Of the 16 malicious or criminal attack breaches in the finance sector, 11 (69 per cent) were cyber incidents.
“Of the cyber incidents notified by the finance sector, seven data breaches were related to compromised or stolen credentials (such as phishing or brute-force attacks),” the report said.
“Hacked websites or systems was the source for three notifications, and ransomware for one notification.”
The finance sector captured notifications from entities such as banks, wealth managers, financial advisers, superannuation funds and consumer credit providers.




ISA fund CBUS sales reps actually supplied 300+ names, addresses and personal details of members from a specific work site to Unions to use who were aiming to intimidate and shut down a job site. Tell me that isn’t a reportable actionable breach that was never reported and only mildly penalized. Amazing how THAT never came out in Hayne’s prejudiced Royal Circus.
It’s the adviser’s fault. They don’t have a degree. Let’s blame them and jam them.