How familiar are you with cybercrime in Australia?

Learn how it has been growing significantly with these statistics for cybersecurity and cybercrime  

Cybercrime and cybersecurity is increasing in Australia and around the world. At Sydney Technology Solutions, we work hard to protect our customers from cybercrime with layers of security designed to fight off sophisticated cyberattacks, phishing, malware, social engineering and hacking. Australian businesses are rich targets for cybercrime. It’s important for you to be aware of how prevalent cybercrime is, so we are sharing with you recent statistics on Australian cybercrime.

Cybercrime is a true threat to businesses, municipalities, and organisations in Australia. It’s crucial to protect your IT network from cyberthreats, but just as critical to train your employees and contractors how to spot phishing when it shows up their email.

What are the Cybercrime General Statistics in Australia?

  • Cybercrime has cost the Australian economy up to $1 billion annually in direct costs alone. (ACIC, 2019)
  • Cybercrime is expected to cost $6 trillion globally by 2021 (Cyberventures, 2016)
  • Australia is ranked 5th in the amount of exposed records by country at 20,035,981 — an average of 834,833 exposed records per breach (Risk Based Security, Inc, 2018)
  • The Australian Cybercrime Online Reporting Network (ACORN) received an average 12,750 reports of cybercrime between January 1, 2017- June 30, 2018. (ACORN Snapshot, 2017-2018)
  • According to Norton, there are 516,380 Australian small businesses that were victims of cybercrime in 2017 (
  • The top three crimes reported to ACORN were scams and fraud (50%), purchase or sale (21%), and cyberbullying (7%) (ACORN Snapshot, 2017-2018)
  • Unauthorised email access, malicious software, and unauthorised bank access were the top four cybercrimes experienced by Aussies (Symantec, 2018)
  • About 41% of cybercrime victims were between 20 – 40 years old and 34% were between 40-60 years old (ACORN Snapshot, 2017-2018)

How Much Cybercrime Has Been Reported in Australia?

Since the Notifiable Data Breaches Scheme began in February 2018, Australians have had the ability to report and track breaches for law enforcement. Because cybercrimes evolve quickly, it’s difficult to track them. That’s one reason why protecting your data from any malicious actors is critical.

  • $3 million or more — Number of Australian Government agencies, not-for-profit organisations, and businesses required to report a data breach incident to the OAIC (OAIC, 2018)
  • 30 days — how long entities have to report a data breach to the Commissioner’s office (OAIC 2018)
  • 812 — the number of data breaches reported to the Office of the Australian Information Commissioner (OAIC) since the Notable Data Breaches (NDB) scheme was introduced
  • 114 — the voluntary data breaches reports that were received by the OAIC during the 2017 financial year. This was one year before reporting became mandatory (, 2018)
  • 55% of organisations believe they have been fined for being in breach of the NDB Scheme and the General Data Protection Regulation (GDPR) (Telstra Security Report, 2019)
  • Failure to comply with the NDB scheme can result in fines up to $420,000 for individuals and $2.1 million for organisations (OAIC, 2018)
  • 63 — the amount of data breaches the OAIC was notified about in the first six weeks of mandatory reporting
  • Proposed amendments to the Privacy Act may increase maximum penalties to $10 million or 3X the value of any benefit obtained through misuse of information or 10% of a company’s annual domestic turnover — whichever is greater (Attorney-General for Australia, 2019)

How Many Cyber Scams Have There Been in Australia?

There has been a growing number of cyber scams globally and in Australia, costing businesses millions of dollars. Many of these scams are implemented by sending emails to recipients who don’t know how to spot fraudulent messages.

  • Businesses reported 5846 scams with $7.2 million in losses in 2018 (ACCC – Targeting Scams, 2019)
  • Business email compromise losses reported to Scamwatch in 2018 exceeded $3.8 million, and when combined with reports to ACORN, losses to business email compromise scams exceeded $60 million. This is a 170% increase over the combined losses of $22.1 million reported in 2017 (ACCC – Targeting Scams, 2019)
  • 63% of losses reported to Scamwatch were Business Email Compromise (BEC) scams (ACCC, 2018)
  • $2.8 million in total losses were reported to Scamwatch for BEC scams (ACCC, 2018).
  • $30,000 was the average cost for a BEC scam (ACCC, 2018)
  • In 2018, Scamwatch received 177,516 scam reports. This is a 10% increase over the 161,528 reports in 2017. (ACCC – Targeting Scams, 2019)
  • In 2018, the highest level of financial loss ever was reported to Scamwatch with $107 million reported lost. That is an 18% increase over the amount in 2017 which totalled $90.9 million (ACCC — Targeting Scams, 2019)
  • 378,000 reports about scams were received by Scamwatch, ACORN and other federal and state-based government agencies. The combined losses exceeded $489.7 million (ACCC – Targeting Scams, 2019)
  • The percentage of Scamwatch reports that included a financial loss increased from 8.7% in 2017 to 10.1% in 2018. More reports were from victims who actually lost money, as opposed to reports of attempted scams that failed (ACCC – Targeting Scams, 2019)
  • The average dollar amount of losses reported to Scamwatch was $5997. This is a 6.7% decrease from the average loss in 2017 (ACCC – Targeting Scams, 2019)

At Sydney Technology Solutions, we want to protect our customers from costly cybercrime. If you want to learn more about cybercrime, cybersecurity or phishing, contact us.