Skip to main content

Step 6: Notify and report

Icon of a loud speaker with noise lines

If you are a business, you may have to notify your customers of the attack.

If your business holds sensitive information, you may also need to report the incident to regulators. This includes financial or personal information. 

If you think you need to make a report, consult with the Office of the Australian Information Commissioner or get legal or government support.

How to report a ransomware incident

Using your notes from Step 4: Write down key details, do the following:

  1. Contact your legal provider to assist you in contacting your customers, clients, and suppliers.
  2. Contact anyone affected by the compromise including staff, colleagues, family, and friends.
  3. Report the incident to us, the Australian Cyber Security Centre.
  4. If required under law, report any data breach to the Office of the Australian Information Commissioner.
  5. If you think your bank account or credit card details are at risk, contact your financial institution. They may be able to stop a transaction or disable your account.