AIC reports link between data breaches and other cybercrime
Share
The Australian Institute of Criminology (AIC) has released a report that examines the prevalence of data breaches among Australian computer users and the relationship between data breaches and other forms of cybercrime victimisation.
Recent high-profile data breaches have drawn attention to the risks that the public release of personal information poses to individuals and businesses.
The AIC’s study, which draws on data collected in a national survey conducted in mid-2021, found that almost one in 10 respondents were notified their information was exposed in a data breach in the 12 months prior to the survey.
AIC Deputy Director Dr Rick Brown said survey respondents who had been notified of a data breach were 34% more likely than other respondents to have been a victim of identity crime in the 12 months prior to the survey.
“There were higher rates of identity theft, online scams, fraud and ransomware attacks when comparing the difference in cybercrime victimisation between those who had and had not been the victim of a data breach,” Dr Brown said.
“The findings demonstrate that it essential we protect individuals who have been exposed in a data breach from other potentially related cybercrimes, and this should be prioritised when data breaches occur.”
The most common signs of being a victim of identity theft were:
- being told by a bank their identity had been stolen or account was misused
- finding unauthorised activity on their credit card
- getting calls about unpaid bills
- finding suspicious transactions on their bank statement
- being unable to apply for credit
- missing or strange bills.
These were all more likely to happen to respondents who had been notified their information was also exposed in a data breach.
The study also revealed that many data breaches occur when data custodians are targeted by a malicious actor or information held by these data custodians is released due to human error.
Aside from this, it was also found that certain internet practices make individuals more vulnerable to having their information exposed in a data breach.
This includes frequent use of platforms that might be regarded as more vulnerable to exploitation such as online marketplaces, dating websites, sexually explicit websites and gaming platforms.
While there was no relationship found between the average number of hours people used the internet for personal use and data breaches, the report found that average number of hours respondents used a digital device for work was positively associated with the likelihood of being notified of a data breach.
Although many data breaches target organisations rather than individuals, the AIC’s report states that using more vulnerable websites or platforms and engaging in practices known to undermine cyber security were both associated with a higher likelihood of data breaches.
This suggests that online activity may have a greater influence on the likelihood of having personal information exposed in a data breach than digital knowledge or ability.
The report concluded that there was clear evidence that people who are notified that their information has been exposed in a data breach are more likely to be a victim of cybercrime, particularly forms of cybercrime that involve the malicious use of personal information.
“In light of recent major data breaches in Australia, this research should help policy makers and law enforcement partners develop strategies to respond to data breaches and protect victims from repeat victimisation,” Dr Brown said.
Source: Australian Institute of Criminology publication. Content has been edited for style and length.
Eliza is a content producer and editor at Public Spectrum. She is an experienced writer on topics related to the government and to the public, as well as stories that uplift and improve the community.
Today’s Pick
11th Annual Aus Goverment Data Summit
April 1, 2025
7th Annual NZ Government Data Summit
May 7, 2025
3rd Public Sector Comms Week
May 14, 2025
Subscribe
We send emails,
but we do not spam
Join our mailing list to be on the front lines of healthcare , get exclusive content, and promos.
AI appointment Australia Australian boost boosts business businesses covid-19 cyber attack cybersecurity cyber security data data breach data management defence Digital employment enhance enhances fraud funding governance government grants Healthcare infrastructure Innovation Lockdown management new zealand NSW NZ online public Public Sector queensland renewable energy scams security Social Media Technology telecommunications victoria WA
Last Viewed