Data Breach: is it a common modern world problem?
Our increasing digital footprint through proliferation of digital apps, cross-channel social media experiences and diversifying technological devices has been bringing the topic of data breaches into everyday conversation.
According to the Office of the Australian Information Commissioner (OAIC), a data breach happens when personal information is accessed, disclosed without authorisation or is lost. Anyone can be at risk of a data breach – individuals, businesses and governments.
A data breach can happen as a result of an intentional cyber-attack by a hacker. However, it can also happen by the flaws within a company’s infrastructure, staff accidents, faults in user behaviour, or through lost and stolen devices.
According to UpGuard in 2020, the average cost of a data breach in Australia is .35 million. Last year, the OAIC was notified of 900 data breaches.
According to the 2021 Verizon Data Breach Investigations Report, a hacker can export the entire customer database of an organisation within only a few hours. However, it takes 200 days on average for an Australian organisation to identify a data breach in its system.
That is over 6 months!
80% of these breaches involve Personal Identifiable Information (PII), posing a serious risk to the financial security of the customers.
Once the breach happens, the priority becomes damage control. This involves securing existing systems and fixing any vulnerabilities within the infrastructure.
For an effective breach response, a company can work with a forensics team, legal, information technology, operations, human resources, compliance and other communications groups. Each one of these groups have a different role to play in responding to a data breach.
The first challenge for an organisation is to identify the incident in detail and pinpoint the vulnerability to make fixes within the system. This is often a complex and lengthy process. The next step is to measure the impact of the breach through both internal and external investigation to effectively communicate with customers and other stakeholders on findings and the required steps to take for protection.
While it is estimated that the majority of data breaches can be prevented, these incidents are very difficult to eliminate. Hence, it is incumbent on all of us to do what we can to protect our personal information.
How can you respond to a data breach?
If you are suspicious of identity compromise, you can activate SavvyShield (available in the Credit Savvy App) to request a ban on your Experian Credit Report. This will block unauthorised credit checks for 21 days, preventing fraudulent credit applications.
For more information on identity theft, check out data breach: protective measures & how to minimise impact.