I’ve been hacked. What should I do?
Even if you’ve taken steps to protect your devices and accounts, you can still be hacked. But it’s not too late to recover and protect yourself or your business.
First, you should make a record of the key details of the incident. This includes what happened, when it happened, if someone contacted you, and how you responded.
These are things you can do to stop further access by the hacker:
- Disconnect from the internet.
- Scan for viruses to identify and remove any malware.
- Change all your passwords and passphrases.
- Notify your social network to be on the alert for any strange links or email attachments.
If someone has stolen sensitive data, you should contact these agencies to report it, get help, and reduce further harm.
Who should I contact?
Report cybercrimes, security incidents and abuse through ReportCyber. Your report helps to disrupt crime operations and makes Australia more secure. If your money and/or identity is at risk, also notify the relevant services below.
Your financial institution
Contact your bank or credit union immediately if your financial details were stolen. They may be able to freeze your accounts and credit cards, or stop a transaction.
Contact IDCARE if your information is at risk from a data breach. They’re a national identity and cyber support service for individuals and organisations.
Australian Taxation Office
Contact the ATO if someone has stolen your personal or business identity. You must report all tax-related security issues to the ATO.
The ASD's ACSC asks, ‘Have you been hacked?’
Find out what to do if you think you’re the victim of a cybercrime.
Report and recover from malware
If you’ve fallen victim to a malware attack, find out what to do and who to contact.
What to do if you're held to ransom
A guide to remove ransomware, recover your files and protect yourself against future attacks.
The consequences of viruses, spyware and other malicious software can be serious and far reaching. Follow our guidance about using anti-virus software.
Learn how to identify phishing messages to stay safe and protect your personal information.
Protect your accounts from cybercriminals with a secure password or passphrase.
Multi-factor authentication (MFA) is one of the most effective ways to protect your valuable information and accounts against unauthorised access.