
Industry targeted by malicious, criminal hackers

The insurance industry recorded the fourth-highest number of data breaches in the six months to June, emerging for the first time in the top-five list of sectors with the most cases reported to the Office of the Australian Information Commissioner (OAIC).

Of the 35 breaches reported by the industry, 28 were caused by malicious or criminal attack, the OAIC says in its Notifiable Data Breaches (NDB) report released today. The remaining seven breaches were caused by human error.

OAIC says eight of the malicious or criminal attacks were defined as a “cyber incident”, with two phishing breaches, three cases of compromised or stolen credentials, one ransomware detection and two reports of brute-force attacks.

In a brute-force attack, automated software is used to generate a large number of consecutive guesses as to the value of the desired data, for example passwords.

The other 20 malicious or criminal attacks were linked to social engineering or impersonation, where perpetrators rely heavily on human interaction to manipulate their targets into breaking normal security procedures and best practices in order to gain access to systems, networks or physical locations.

About 66% of notifications from the insurance sector were made to the OAIC within 30 days of the notifying entity becoming aware of the breach.

The total number of data breaches reported in the first half of this year by all sectors increased 16% from a year earlier but was down 3% from the December half.

The health sector remained the industry with the most breaches, with 115 notifications or 22% of the cases reported. Finance was second (15%), followed by education (8%), insurance (7%) and legal, accounting and management services (5%).

Malicious or criminal attacks dominated the data breaches notified during the period, accounting for 61% of the overall cases. Cyber incidents made up 69% of those attacks.

Most of the cyber incidents were linked to phishing (36%), followed by compromised or stolen credentials (25%), ransomware (15%) and hacking (13%).

OAIC says the rise in ransomware attacks to 33 from 13 in the December half is a concern.

“We are now regularly seeing ransomware attacks that export or exfiltrate data from a network before encrypting the data on the target network, which is also of concern,” Australian Information Commissioner and Privacy Commissioner Angelene Falk said.

“Malicious actors and criminals are responsible for three in five data breaches notified to the OAIC over the past six months. This includes ransomware attacks, where a strain of malicious software is used to encrypt data and render it unusable or inaccessible.”

Law firm Clyde and Co says the situation is worsening, based on its own data. The firm has seen a 41% jump in incidents this month from June, Partner John Moran, who heads the firm’s cyber incident response practice, said.

“We have identified many of those incidents have links back to COVID-19,” he told insuranceNEWS.com.au. “And we identify there has been a delay in notification of many of these incidents because businesses have been busy dealing with issues relevant to the pandemic and we predict there will be a further increase in incidents over the coming months.”

He says the OAIC data shows “the cyber threat is here to stay and we have noted that the level of demand being sought is on the rise with some demands being in excess of $10 million”.