Content written for

Individuals & families
Small & medium business

A data breach occurs when sensitive or personal information is accessed, disclosed or exposed to unauthorised people.

What to do if your data has been breached

You may hear about a data breach directly from an affected organisation, or read about a breach online or in the news. You might also learn about data breaches through the Australian Signals Directorate’s Australian Cyber Security Centre's (ASD's ACSC's) Alert Service.

Details of publicly known breaches may also be available at Have I Been Pwned. Input your email address or phone number to find out if you have been implicated in a known breach.

Follow our key steps to reduce your risk of impact from a data breach.

If you have received a direct notification of a data breach, it should include the type of information involved and actions to take. For more information on the data breach, contact the affected organisation directly. You can also visit the website of the affected organisation and look for any official communications.

To help determine what data may have been breached and how to respond, use the ASD's ACSC’s Have you been hacked? tool. Select ‘My information has been lost or stolen’ and follow the prompts. The tool will tell you the steps you should take to secure your finances, accounts, email and identity.

Visit the Office of the Australian Information Commissioner website for more information on the Consumer Data Right system and how to respond to a data breach containing your:

  • contact details
  • financial information
  • government-issued identity documents
  • tax file number and tax-related information, and
  • health information.

Scammers might try to take advantage of you when a data breach occurs. They may pose as an organisation in communications such as email, text, or phone. Be sure to confirm any communications from an organisation with an official source, such as their website.

For example, you may receive an email asking you to reset your password because it was compromised. Do not use the links or contact details provided in the message or email. Visit the official website and log in to your account, or call their phone number.

Change your password or passphrase. It is best practise to change your password or passphrase by logging into your account’s online platform or app directly. The ASD's ACSC has published guidance on using password managers and guidance on creating passphrases.

If your password has been compromised in a data breach, reset all accounts that use that same password as soon as possible. Use a unique password for each online account.

Review your security settings across other accounts. Some online services allow you to view what devices have recently used your login details and any recent transactions. You can usually also log out those devices from these settings.

In the case that your sensitive personal information was included in a data breach, you may be at risk of identity theft.

Visit the IDCARE website and complete the Get Help Form or call 1800 595 160 to access IDCARE’s Identity and Cyber Security Case Managers. IDCARE is Australia and New Zealand’s national identity support service. An IDCARE Identity and Cyber Security Case Manager can work with you to develop a specific response plan for your situation and support you through the process. IDCARE’s Learning Centre is also a key resource to learn how to prepare, prevent, detect and respond to identity and cyber security concerns.

If your identity has been stolen, apply for a Commonwealth Victims' Certificate - a certificate helps support your claim that you have been the victim of identity crime and can be used to help re-establish your credentials with government or financial institutions.

If your driver’s licence details have been compromised, you may be eligible for a replacement. Contact your local state or territory authority for more information.

Contact the ATO if someone has stolen your personal or business identity. You must report all tax-related security issues to the ATO.

If your personal details have been compromised, your money may be at risk. If you have not already done so, contact your bank or financial institution immediately. Follow their guidance on securing your account and freezing any affected accounts or cards.

If you are not satisfied with the response from your bank, you can seek free advice from the Australian Financial Complaints Authority (AFCA). If you have lost money, do not accept offers from third parties to help you get it back – this is a common tactic used by scammers to steal more money from you.

Even with your accounts, identity and finances now secure, continue to check and monitor for unauthorised activity. This will help determine if your data has been used to do anything that requires a response from you.

You can monitor for online activity such as:

  • social media posts in your name
  • private messages, texts, or emails in your name
  • purchases that you didn’t authorise
  • automatic transactions that have been set up without your authorisation, and
  • changes to your financial or banking details.

Be aware that if a person accesses your account, they may be able to hide their activity, for example, by permanently deleting messages they sent in your name.

Report cybercrimes, security incidents and abuse through ReportCyber. Your report helps to disrupt crime operations and makes Australia more secure.

Need more support?

For help with all types of threats, visit our where to get help page.

If you still need help, call our hotline 24/7 on 1300 CYBER1 (1300 292 371).

Was this information helpful?

Thanks for your feedback!

Optional

Tell us why this information was helpful and we’ll work on making more pages like it