Since November 1, 2018, organizations subject to the Personal Information Protection and Electronic Documents Act (PIDEDA) have been required to report certain security and privacy breaches to affected individuals and the Office of the Privacy Commissioner of Canada and keep associated records.
Security and privacy breaches are an increasing concern and additional statistics released by the Commissioner include:
- A six-fold increase in breaches have been reported to the Commissioner since mandatory breach reporting came into effect.
- A quarter of the reported breaches involved social engineering attacks such as phishing.
Besides unauthorized access, other types of breaches involved accidental disclosure, the loss of a computer, storage drive or paper documents, and the theft of documents.
Join Us On LinkedIn
Join the Cybersecurity and Incident Response Group on LinkedIn