More Australians at risk than ever before.
Cybercriminals got very busy targeting Australians in 2022.
It has been revealed that a total of 890 breaches were reported to OAIC in all of 2022.
92 data breaches reported to the Office of the Australian Information Commissioner (OAIC) in December alone.
Most were classified as cyber incidents, caused by ransomware, compromised or stolen credentials, hacking or malware.
The second half of 2022 saw a 26% rise in data breaches reported to OAIC, compared to the first half of the year, including well-publicised mega-breaches involving Optus and Medibank.
Five of the breaches affected over one million Australians, compared with normal reports of single, local breaches.
The major breaches included the theft of the names, dates of birth, addresses, phone numbers and email addresses of around 5.1 million Medibank customers, and the theft of the passport numbers, home and email addresses, dates of birth and drivers licence numbers of as many as 9.8 million Optus customers.
Of the 497 breaches that were reported to OAIC between July and December 2022, 350 were malicious or criminal attacks, a 41% increase in this type of breach compared to the January to June period.
The rest were either human error (123) or systems faults (24).
The latter category saw a 60% increase compared to the first half of 2022.
Whether it is intentional, unintentional, or a failure of the technology itself, we are far from ready to rely on these systems.
The sheer number of major cases reported is stunning, and it seems it may get worse as 2023 continues.
Just today, Latitude Financial — a company that issues consumer loans and runs a buy now, pay later scheme used by major retailers — has revealed hackers have stolen the personal information of more than 300,000 customers, including licences.
Humanity is forced by tech oligarchs to migrate to these systems, only to have their trust broken.
Sensitive information ending up ‘god knows where’, putting both businesses and individuals at risk.
As usual, our authorities are playing ‘catch up’ with laws and regulations, with OAIC undertaking a review of the Privacy Act.
PRIVACY ACT REVIEW
Under the Notifiable Data Breaches (NDB) scheme, any organisation or government agency covered by the Privacy Act that experiences an eligible data breach must notify affected individuals and the OAIC.
Eligible data breaches are defined as incidents in which personal information has been accessed, disclosed or lost, that could be “used to harm the affected individuals”.
It is critical that our privacy laws are fit for purpose.
We also must ensure businesses do the right thing by their customers by placing limitations on the data they collect.
But will the government’s ‘solution’ end up worse than what they are trying to ‘solve’?
In December 2022, OAIC was granted new powers to ensure that organisations are adhering to the NDB scheme, including the “power to investigate whether they have proper procedures in place to detect data breaches and report them”.
The new powers allow OAIC to share information with other authorities about data breaches. Perhaps another breach potential.
On 16 February 2023, the Attorney-General publicly released the Privacy Act Review Report.
At present, submission are available to the following consultation papers as this process continues:
Feedback is being sought on the government response to the Privacy Act Review Report.
The deadline for feedback is 31 March 2023.
We will have to see what emerges from this, but I am not very confident.
Will it involve more snooping and control?
Will it simply be another nothing-policy where cyber crime still continues?
Either way, the best thing you can do is protect yourself and not rely on Daddy Government to help you.
For more TOTT News:
Facebook — Facebook.com/TOTTNews
YouTube — YouTube.com/TOTTNews
Instagram — Instagram.com/TOTTNews
Twitter — Twitter.com/EthanTOTT
Bitchute — Bitchute.com/TOTTNews
Gab — Gab.com/TOTTNews