Statistics:

ODPA releases third quarter breach statistics

Published: 7 November 2024

The Office of the Data Protection Authority (“ODPA”) has published its latest breach statistics.

Every quarter the ODPA shares insights from recent breach data towards elevating breach preparedness for public and private sector organisations.

From 1 July-30 September 2024, there were a total of 40 reported personal data breaches, one more than the previous quarter.

These breaches affected 2,837 people, down from the previous quarterly figure of 14,019. However, twice as many people (517) were affected by ‘high risk’ breaches.

Case study: 

In one recent case, a retail outlet submitted a breach report after police informed them that an allegation had been made that a member of staff had shown CCTV footage from inside the store to a member of the public.

This CCTV footage contained images of customers and was not used in accordance with the retailer’s policy on CCTV use.

This incident demonstrates the importance of making sure that staff members only have access to the types of personal data needed to perform their duties. In most cases, not every member of staff requires access to all personal data processed.

In data governance, a “need-to-know" basis can greatly decrease the chances of a data breach. This incident further highlights the importance of having audit trails for instances where personal data is misused.

General guidance on how to handle a data breach can be found at Handling Data Breaches · ODPA

We also invite organisations to sign up for our next Breach Workshop on 5 December.

Figure 1.


Figure 2.


Figure 3.


Figure 4.


Figure 5.