• ES2

OAIC Notifiable Data Breaches (NDB) Scheme Report 2018-19

Updated: Jul 14, 2019

The NDB scheme came into effect in the 30th year of operation of the Privacy Act in what would prove to be a landmark year for privacy.

Along with the Privacy (Australian Government Agencies—Governance) APP Code 2017 (also introduced in 2018), the NDB scheme was a significant reform, providing greater transparency and accountability for personal information handling in Australia.

The report looks back on the last 12 months of the Notifiable Data Breaches scheme (NDB scheme) since its introduction in February 2018. The report is intended to assist entities and others to understand the common causes of data breaches and to implement proactive strategies for better prevention into the future.

Some Key Stats

  • Just under 1000 breaches last year (964) - 60% criminal - 28% used credentials that were obtained by unknown means - 15% due to phishing

  • 35% Human error

  • 5% system faults

  • 83% of reports affected fewer than 1000 people (at risk)

To get a full insight, click below to download the full report.

Download Full OAIC NDB Scheme Report


Published: July 2019