By Anthony Morgan and Isabella Voce

This paper draws on data from a large national survey conducted in 2021 to examine the prevalence of data breaches among Australian computer users and the relationship between data breaches and other forms of cybercrime victimisation. Almost one in 10 respondents (9.3%) said they were notified their information was exposed in a data breach in the 12 months prior to the survey. Nearly one-third of these respondents (28.0%) had also been a victim of identity crime in the same period. Respondents who had been notified of a data breach were 34 percent more likely than other respondents to have been a victim of identity crime in the 12 months prior to the survey. They were also more likely to have been a victim of online scams or fraud and ransomware. Measures to protect individuals whose information has been exposed in a data breach from other potentially related cybercrimes are essential and should be prioritised when data breaches occur.

Statistical Bulletin no. 40. Canberra: Australian Institute of Criminology. 2022. 16p.