Australia Rocked by Record-High Data Breaches in 2024, Cyber Attacks Soar
Sydney, NSW – May 16, 2025
*This article generated with Google GEMINI AI and fact checked by A.Ritenis
Australia has been hit by an unprecedented wave of data breaches, with over 1,100 incidents reported across businesses and government agencies in 2024 – the highest number since mandatory notification requirements were introduced in 2018. This alarming surge underscores a growing threat to the personal information of Australians and a pressing need for stronger cybersecurity defences.
New statistics released by the Office of the Australian Information Commissioner (OAIC) reveal a staggering 1,113 data breach notifications in the full year of 2024, marking a significant 25 per cent increase from the previous year. The latter half of 2024 alone saw 595 breaches reported to the OAIC.
Australian Privacy Commissioner Carly Kind has voiced grave concerns over these figures, emphasising that the record number of breaches highlights the urgent need for organisations to bolster their defences against “significant threats” to privacy.
“The trends we are observing suggest the threat of data breaches, especially through the efforts of malicious actors, is unlikely to diminish, and the risks to Australians are only likely to increase,” Commissioner Kind stated. “Businesses and government agencies need to step up privacy and security measures to keep pace. Australians trust businesses and government agencies with their personal information and expect it to be treated with care and kept secure.”
Malicious Attacks Dominate, Government Agencies Targeted
Malicious and criminal attacks were identified as the primary drivers of privacy breaches, accounting for a substantial 69 per cent of all notifications in the second half of 2024. A worrying 61 per cent of these were classified as cybersecurity incidents.
The health sector reported the most data breaches, making up 20 per cent of the total, closely followed by Australian Government agencies at 17 per cent.
Annan Boag, the general manager of regulatory intelligence and strategy at the OAIC, highlighted a particularly concerning trend: a significant rise in data breaches caused by social engineering and impersonation – tactics that manipulate individuals into divulging sensitive information or performing specific actions.
“This was particularly significant within the Australian Government, which reported 60 notifications of this nature – a 46 per cent increase compared to the previous six months,” Mr. Boag noted.
Public Sector Lags in Response Times
Despite some improvements, the latest OAIC report also reveals that the public sector continues to trail the private sector in the crucial time taken to identify and notify data breaches.
“Individuals often don’t have a choice but to provide their personal information to access government services,” Commissioner Kind explained. “This makes it even more important that agencies keep personal information secure and have an action plan in place should a breach occur.”
She stressed the critical importance of swift action when a breach occurs. “Time is of the essence with data breaches as the risk of serious harm often increases as days pass. Timely notification ensures people are informed and can take steps to protect themselves.”
