Saturday 03 December 2022
Select a region

Human error remains top cause of personal data breaches

Human error remains top cause of personal data breaches

Friday 21 January 2022

Human error remains top cause of personal data breaches

Friday 21 January 2022

The Office of the Data Protection Authority has published the latest statistics for data protection breaches. There were 25 breaches in November and December 2021.

Multiple industries were involved in the breaches. There were eight incidents in the health sector, which was the sector with the highest number. There were four incidents in the fiduciaries sector of financial services.

The leading cause of breaches was personal data being sent to the wrong individual with 15 reported incidents. This was either through an email (six breaches) or via the post service (nine breaches). 

The remaining 10 incidents were four cyber attacks, two incidents of unsanctioned information being accessed, three unspecified breaches and one from loss of data.

In total, there were 177 breaches last year, a minor reduction on the 180 breaches recorded by the Authority in 2020.


Pictured: The breakdown of personal data breaches for the period November and December 2021 has been reported by the Data Protection Authority. 

The Authority said that human error is routinely responsible for most breaches reported to them. 

The Bailiwick’s Data Protection Commissioner, Emma Martins, said: “Cyber incidents occur where criminals attack systems or seek to exploit human behaviour to gain access to systems.

"One of the strongest lines of defence against these crimes is to ensure your staff understand the risks to personal data, the tactics cyber criminals use and what your response plan is. 

"Your staff are both your biggest risk and your biggest opportunity in looking after the personal data in your care."

Since the turn of the year, the Authority has improved the way breaches can be reported. Organisations may now detail both how the incident happened and the consequences arising from the breach. 

The Authority will continue to publish bi-monthly anonymized statistics of breaches. The first breach report which will reflect the changed approach will be in March 2022. 

Sign up to newsletter



Once your comment has been submitted, it won’t appear immediately. There is no need to submit it more than once. Comments are published at the discretion of Bailiwick Publishing, and will include your username.

There are no comments for this article.

To place a comment please login

You have landed on the Bailiwick Express website, however it appears you are based in . Would you like to stay on the site, or visit the site?