News & Insights

Australian cyber breaches hit new high

Published 01 August 2018

The Office of the Australian Information Commissioner (OAIC) has received 242 notifications under the Notifiable Data Breaches (NDB) scheme from 1 April to 30 June, it has been revealed.

The OAIC has released its first full quarterly statistical report which reveals that notifiable breaches continue to rise. In March 2018, the OAIC was notified of 55 data breaches, which spiralled to 90 in June 2018 representing the biggest month on record for data breaches.

Fifty-nine percent of the attacks registered by the OAIC over the quarter were criminal or malicious in nature while 36% could be blamed on human error – highlighting that cyber security is not enough to ensure protection.


Robyn Adcock, Gallagher’s Client Manager – Professional and Financial Risks, said that the statistics and the recent decision by the European Union to unveil its own cyber legislation, highlight the importance of cyber risk management.

“Cyber is no longer silent,” Adcock said.

With GDPR and mandatory breach notifications now a reality, cyber breaches are part of the public sphere, which brings with it challenges for all businesses.

“From a compliance perspective, it is better to be safe than sorry. If you think you fall under the regulation, a framework you put in place will only benefit your business from a security and trust standpoint.”

Cyber incidents, such as phishing, malware and ransomware, made up the bulk of attacks as 97 incidents were reported. Theft of paperwork or data storage devise was the second most popular attack method with 31 breaches while social engineering and insider threats were the third most common attack method with 7 breaches each.

Adcock noted that as cyber attacks become more common, the importance of cyber insurance and adequate protection against attacks becomes paramount.

“Conversations around cyber insurance have picked up markedly in the last 12 months following new legislation and a series of major global ransomware attacks in 2017,” Adcock continued.

“As legislation at home and abroad continues to develop, it is key that all businesses understand the cyber exposures they face and how best to mitigate against the threat of breaches that could be costly from both a financial and reputational perspective.”

This subject is explored in greater detail in the latest Gallagher Market Overview Report, Trust & Data: Into the Breach, which was published on 30 July. The report is available as a digital download.

Access the interactive online version of the report herechevron-right


Further reading

Cyber insurance

Do I need cyber-liability insurance?

Negotiating with a hacker in a ransomware attack on a business
Cyber | Article

Negotiating with a hacker in a ransomware attack on a business

07 July 2022
Legal penalty highlights businesses’ cyber security obligations
Cyber | Article

Legal penalty highlights businesses’ cyber security obligations

21 June 2022
Adapting your risk management protections to match evolving cyber cover
Cyber | Report

Adapting your risk management protections to match evolving cyber cover

31 May 2022