Focus on the individuals affected, not the number of breaches

30% of incidents account for 80% of exposed personal data, says Huntsman Security.

  • Thursday, 5th June 2025 Posted 2 weeks ago in by Phil Alsop

Preventing just a third of reportable data security incidents could protect nearly 80% of breach victims in the UK and Australia, according to new analysis from Huntsman Security. The company’s review of regulator data shows that a relatively small number of attacks and errors, most of which could be mitigated by best practice security controls, are the cause of millions of individuals’ personal information being compromised each year.

The analysis is based on the UK Information Commissioner’s Office’s (ICO) data on security incidents and a Freedom of Information request to the Office of the Australian Information Commissioner (OAIC).

Huntsman found that just 29% of data security incidents in the UK and 32% of reported data breaches in Australia were responsible for the vast majority of compromised data records, affecting tens of millions of individuals. The most common causes of breaches were familiar and persistent, such as phishing, malware and inappropriate access to data.

The data highlights the security challenges faced by organisations and the critical importance of getting the basics right. By focusing on these particular incident types and embedding basic, routine cyber security processes into their “business as usual” operations, security teams can more effectively monitor their systems and identify any potential attacks.

UK: A small number of breaches, a large number of victims

Huntsman Security’s review of UK ICO data for 2024 shows that just 2,817 data security incidents, or less than a third (29%) of the 9,654 where a cause could be identified, were linked to the specific threat vectors of brute force attacks, malware, phishing, ransomware, or system misconfigurations. These incidents were responsible for nearly 80% of all individuals affected by a data security incident that year, with 13.9 million people impacted out of a total of 17.6 million.

These 2,817 incidents also made up around 90% of all cyber-related data security incidents, underlining the importance of prioritising controls that protect against them. Many of these attacks are targeted, and therefore more likely to compromise high-value data, including health records, financial information and identity documents, thereby increasing the risk of data loss for both individuals and organisations.

Australia: A high-impact breach landscape with slow detection times

In Australia, the picture is similar. Just 1,188 incidents (32% of all eligible data breaches reported between 2022 and 2024), that involved brute-force attacks, phishing, malware, ransomware, hacking, and unauthorised access, were responsible for 77% of all compromised records.

Looking at the broader picture, OAIC data shows that while malicious or criminal attacks accounted for just 62% of all eligible data breaches (2,312 out of 3,742), they were responsible for a staggering 98% of affected individuals — 203.5 million data records out of a total 207 million.

A key concern highlighted in the Australian data is detection and response time. On average, it took organisations 48 days to identify these breaches, and in total 86 days before reporting them to the OAIC. This could prolong the period of risk exposure for affected individuals and compound the reputational and regulatory impact for the organisation.

“While it’s unrealistic to expect organisations to prevent every breach, the data shows that implementing some basic controls could really make a difference,” said Peter Woollacott, CEO at Huntsman Security. “Adhering to established security frameworks like NIST or the ACSC Essential Eight can dramatically reduce, not only the number of incidents, but – more importantly –the number of people affected by those incidents overall. Putting in place baseline controls such as effective and timely patching, multi factor authentication, user application hardening and regular backups can make the world of difference when it comes to effective cyber security.”

He added: “What’s needed is better visibility through a shift from periodic reviews to a more frequent, ‘business as usual’, approach that routinely identifies threats from mitigation, reports control effectiveness and reassures both security and executive stakeholders. Annual assessments or audits are simply no longer enough to protect against data theft.”

Organisations need immediate visibility into their security posture, with actionable insights that inform the risk mitigation team. Slow response times were highlighted in the Australian data and with cyber threats constantly evolving, tracking the state of security defences on a regular basis is now a priority. It is essential for protecting data, maintaining trust and avoiding costly disruption.

58% of organizations have observability programs, but 42% still don’t trust their AI models.

Public sector embraces GenAI

Posted 1 day ago by Phil Alsop
GenAI is expected to improve productivity, efficiency, and automation, with long-term ROI for Public Sector organisations.
Survey of 500 tech leaders shows companies are moving fast on AI plans while struggling with scale, integration, and compliance issues.
Insecure cloud configurations create widespread risk, highlighting the urgent need for unified cloud exposure management.

IT teams are losing visibility

Posted 1 day ago by Phil Alsop
New industry report highlights growing SaaS waste, persisting audit costs and evolving priorities as ITAM teams navigate increasing financial...

'Alarming' state of software engineering

Posted 1 day ago by Phil Alsop
Harness, the AI DevOps Platform™ Company, has released a new study revealing a growing disconnect between the promise of engineering excellence and...
New Endava research shows 93% want rapid adoption – even as infrastructure struggles to keep up.
According to a new report from Ericsson, 87 percent of business leaders surveyed in Europe believe 5G connectivity is required to accelerate R&D...