How to tell if you're part of a data breach

 

Close lesson
You have completed 0%

How to tell if you're part of a data breach

a laptop with files on the screen

What's coming up?

This activity will give you more information on how to determine if your personal information has been involved in a data breach. You'll find out where to check about data breaches, and some other ways you can keep your personal information secure.

Start activity

Big data breaches are newsworthy

Usually if a large company or service provider is the victim of a data breach, this will be reported on radio, TV and online news sites, as well as major print newspapers.

In some cases, the data might be serious enough that companies must notify the Office of the Australian Information Commissioner (OAIC) and the affected customers of the breach. You might also find out about a breach when the company contacts you directly via email or post.

the OAIC logo
Continue
man with several logos representing servicces around him

Smaller breaches are less visible

Some data breaches won’t get much attention and you might not be informed about them directly. This usually happens if the data breach is unlikely to cause serious harm. It's a good idea to regularly check up on your:

  • private medical or health insurance
  • phone provider (especially if you use a smaller one)
  • internet service provider
  • internet banking service
  • car, property or home contents insurance provider.
Continue

Other ways to find out about data breaches

Websites such as Scamwatch, IDCare.org and, for NSW residents, ID Support may publish information about data breaches.

If the data breach is significant and likely to cause serious harm to many thousands of people, there might be special alerts or information published on your state’s government services website, or the OAIC.

the australian government, scamwatch and idcare logos
Continue
a letter emerging from an envelope with an exclamation on it

How companies inform you of a data breach

Imagine that your phone provider has suffered a data breach. You may receive an email explaining the situation and telling you what steps to take to secure your information. You may also receive an SMS or text message to your phone, alerting you to the data breach.

Your phone provider will probably set up a special page on their website with all the information about the breach and instructions and advice for customers.

Continue

How companies inform you of a data breach (continued)

If the breach is very serious it might qualify as an eligible data breach. These breaches are judged as likely to lead to:

  • identify theft
  • financial loss through fraud
  • reputational damage
  • physical or psychological harm.

Companies need to notify the OIAC of these types of breaches, and you can find out more the OAIC website.

a scammer holding a mask
Continue
a laptop with a lockable shield over it

Read data breach emails and texts carefully

If you receive a text or email from a company saying your information was involved in a data breach, read it carefully and don't click any links.

Legitimate emails will tell you to visit the company's home page, or the relevant government website which has more information.

Continue
An icon of a padlock

eSafety tip

Sometimes scammers will send fake data breach emails. Instead of clicking a link in the email, use your web browser to visit the company's home page directly and look for information there. Never click or tap a link in an email or text message.

Continue

More scam calls might indicate a data breach

Receiving calls and emails from scammers is common, but if you suddenly start getting more scam calls, and the scammers seem to know more information about you than usual, this can be a sign of a data breach. Remember to use the report and block features on your phone when receiving a scam call. You can learn how to do this by visiting the following Be Connected video courses:

a ringing phone with a block icon over it
Continue
An icon of a padlock

eSafety tip

Remember that data breaches aren't personal. They are the result of large amounts of information about thousands of users being stolen from a server or database.

Your data just goes into a big list, and scammers work their way down the list, trying to trick people into one of their scams.

Continue
a notification telling of a data breach

Your apps might notify you of a data breach

If you use an app for banking or managing your phone, or some other service, the app might occasionally display a pop-up message or notification when it opens.

It can be tempting to just close these pop ups to get on with what you were doing. However, it's best to read the pop up carefully to see if there's information about a data breach or other cyber security issue that could affect you.

Continue

It's important not to panic

A data breach can feel very personal and invasive but if you remain calm, follow advice, and remain scam-aware, it's unlikely you will lose any money. You may need to get new ID and new credit cards, which is inconvenient and a bit like losing your purse or wallet.

As long as you stay proactive and follow advice, you should be able to get back to normal quickly, with new secure ID.

man relaxed
Continue

Well done!

This is the end of the How to tell if you're part of a data breach activity. You've learned that data breaches must be disclosed, and where to find information about them online. You've also learned to be on the lookout for an increase in scam calls or emails.

Up next, find out more about what to do in the What steps to take if you are part of a data breach activity.

the OAIC logo and a block call and block email icons
Continue