What we are doing
The ACSC overnight issued a notification to the owner/administrator of any potentially compromised account(s). At this time the ACSC is unable to provide any additional information on those users who have been affected by this breach.
What should you do
Regardless if you have been impacted, the ACSC emphasises the importance of changing passwords regularly, in combination with implementing strong passwords. The ACSC also advises users to implement multi-factor authentication on accounts where available.
To find out if you email has be compromised visit the Have I Been Pwned service managed by Troy Hunt.
To prevent this type of activity affecting your organisation, the ACSC recommends you review and implement the ACSC’s Essential Eight Strategies to Mitigate Cyber Security Incidents where appropriate.
The ACSC also recommends you review any available logs for ongoing malicious activity.