Skip to main content
Skip to secondary navigation
Australian Government - Office of the Australian Information Commissioner - Home

David Jones data breach

2 October 2015

David Jones notified the Office of the Australian Information Commissioner (OAIC) of a data breach on 1 October 2015.

The OAIC has since been in contact with David Jones about its immediate response to the incident, and is waiting to receive further information once their own investigation is further progressed. We will assess the information that David Jones provides to determine whether any additional action is required by the OAIC in keeping with the OAIC’s Privacy regulatory action policy.

The OAIC is encouraged to see that David Jones has notified affected individuals, and voluntarily notified the OAIC about this incident. Notification can be an important mitigation strategy that has the potential to benefit both the organisation and the individuals affected by a data breach. The OAIC strongly encourages notification in appropriate circumstances as part of good privacy practice. In 2014–15, the OAIC received 110 voluntary data breach notifications, a 64% increase on the previous year.