Australia ranked as the worst country in the world for data breaches over the September quarter, with an average 22 accounts being hacked every minute, new data has revealed.

VPN provider Surfshark published figures on Tuesday showing data breaches soared by 489 per cent across Australia between July and September, driven by tens of millions of people having their sensitive information stolen in recent hacks of Medibank and Optus.

The company worked with independent cybersecurity analysts to create a global map of hacks, showing 7387 local accounts were hacked per 100,000 Australians – the worst rate in the world.

Australia topped Russia (2568 hacks per 100,000 residents), and Turkey (2421 hacks per 100,000 residents).

It blew New Zealand, where 532 accounts were hacked per 100,000 residents, out of the water.

The most leaked data point across Australia over the September quarter was passwords, followed by email addresses, the Surfshark figures show.

“Globally, data breaches have gone down by 70.8 per cent from October to November,” Surfshark lead researcher Agneska Sablovskaja said on Tuesday.

“In Australia, however, data breaches have surged by 1550 per cent – from 107,659 in October to 1,776,065 in November.”

Unprecedented hacks leave Australians vulnerable

Unprecedented data leaks of corporate giants like Medibank and Optus, as well as significant privacy breaches at other companies like Telstra more recently, are driving a renewed debate about whether businesses are doing a good enough job protecting personal data.

The federal government is currently reviewing the Privacy Act to determine whether tougher penalties and tighter controls are needed to limit the data that companies hold, and for how long.

Part of the problem, Edith Cowan University senior lecturer Mohiuddin Ahmed said, is that hackers have seen Australia as a soft and valuable target for cyber attacks.

He said a string of national crises have been seen as opportunities by criminal groups, who try to exploit situations where individuals and companies might not be as vigilant as they should be.

“Attackers are preying on Australia partly because of its geographical location and wealth, and partially because it has been rendered vulnerable by the COVID pandemic, cost-of-living pressures and natural disasters,” Dr Ahmed told The New Daily.

Australia needs to bolster its cyber crime fighting abilities, experts say.

Australia has only recently emerged as a major target, with the country ranked 16th for data breaches when data collected going back to 2004 is included.

Since 2004, Australia has seen 125.9 million accounts breached, which compared to 9.73 billion in the United States and 3.65 billion in Russia.

“If large data breaches keep happening in Australia, the country may not be far behind these countries for long,” Ms Sablovskaja said.

Mr Ahmed said that increased vigilance from Australian companies in the wake of high-profile hacks could help deter future cyber criminals.