The Office of the Australian Information Commissioner (OAIC) has released its latest data Notifiable data breaches report, revealing a concerning trend as the health service providers finds themselves as the most attacked in by cyber criminals.
This revelation comes amid new research from leading Australian cyber security experts, AUCyber, highlighting the severe risks to Australians’ personal health records and calling for urgent action from both government and healthcare providers.
Source: Australian Government OAIC, ‘Notifiable Data Breaches Report’ (January to June 2024)
Key Findings:
- Surge in Data breach notifications: From January to June 2024, the OAIC received 527 data breach notifications, the highest number since the latter half of 2020, marking a 9% increase compared to the previous six months.
- Prevalence of cyber security incidents: Cyber security issues remain a leading cause of data breaches, accounting for 38% of total notifications. This trend reflects a growing vulnerability in our increasingly digital landscape.
- Major healthcare breaches: The report highlights a troubling incident that affected over 10 million Australians, marking the largest breach recorded under the NDB scheme. This underscores the critical need for improved data protection measures.
Personal Health records of concern
According to recent research by AUCyber – 2024 Cyber Security Healthcare Report – based on a survey of over 1,000 Australian voters conducted by YouGov, 82% of Australians are deeply concerned about the safety of their personal health records.
High-profile incidents, such as the Monash Health breach via ZircoDATA and the illicit sale of MediSecure’s e-script data, underscore the urgency of addressing these vulnerabilities.
“Our research shows that 71% of Australians believe safeguarding healthcare data is primarily the responsibility of the federal government and healthcare institutions,” AUCyber CEO Peter Maloney said.
“The stakes are high, and it is crucial for these entities to act decisively to protect personal information.”
The recent findings from AUCyber reinforce the need for stronger security measures across all sectors, particularly in healthcare.
“Healthcare providers must bolster their defences and adopt comprehensive measures to safeguard against cyber threats,” Mr Maloney said.
“Protecting sensitive health information is not just a regulatory obligation but a crucial element of maintaining public trust.”
The 2024 Cyber Security Healthcare Data Report is available to download as a complimentary resource.
