A third of all the serious cybersecurity events in Israel in 2019 thus far have not been reported to the proper authorities as required by law, a report by Israel's Privacy Protection Authority revealed.
New regulations mandating companies and nonprofit organizations to report any significant breach of their systems came into effect in mid-2018. In the year since, the PPA has dealt with 146 severe cybersecurity events, but only 103 of them were reported by the organizations that fell prey to attacks. The rest were reported by third parties.
Follow Israel Hayom on Facebook and Twitter
According to financial daily Calcalist, the insurance and finance sector was hit the hardest by cyberattacks (23%), followed by data management and healthcare (10% each), communications and education (8% each), and internet (7%).
The report said that hackers used inherent security flaws in companies and organization's databases in 15% of the attacks. Passwords and usernames theft accounted for 7% of cases, human errors and malware were detected in 9% of cases, and unauthorized delivery of data or unintentional loss of media was the case in 8% of attacks.
The PPA said in a statement that failing to report a severe cyberattack is punishable by fine, as is the failure to adhere to regulations meant to protect personal data.
The PPA "is also authorized to cancel or temporarily suspend an organization's license to hold a database and to make any infringement public," the statement said.
