Australia has had several major data breaches in recent years β Optus, Medibank, Latitude Financial, Canva β affecting millions of Australians. When your information is included in a breach, the response in the first few hours matters.
Step 1: Confirm the Breach
Don't act on a breach notification that looks like phishing. Go directly to the company's official website and look for a breach notification statement. Check haveibeenpwned.com to verify your email appeared in a breach and which type of data was included.
Step 2: Change the Password Immediately
Change your password on the breached service from a clean device. Use a password manager to generate a strong, unique replacement. If you used the same password anywhere else, change those too β credential stuffing attacks are automated and immediate.
Step 3: Enable MFA on the Affected Account
If you haven't already, enable multi-factor authentication on the breached account now. Even if your credentials are compromised, MFA prevents them being used to access the account.
Step 4: What Was Exposed Determines What You Do Next
Email and password only: Change the password, enable MFA, monitor for phishing emails targeting your account.
Email, phone number, and address: Be alert to targeted phishing, phone scams ("we're calling from your bank"), and physical mail fraud.
Medicare or healthcare data: The Department of Home Affairs offers a Medicare number replacement. Consider contacting Medicare directly.
Driver's licence or passport data: Contact the relevant issuing authority (VicRoads, Australian Passport Office). Replacement documents have specific processes for identity theft situations.
Credit card numbers: Call your bank immediately to report the card compromised and get a replacement issued.
Step 5: Monitor Your Credit
For serious breaches involving identity documents or financial information, consider placing a credit freeze or alert with Equifax or illion. This prevents new credit being opened in your name without your knowledge. Both offer free alerts.