Australians love their smart devices. But these handheld gadgets leave us vulnerable to those wanting to steal our information – known as a data breach. PROTECT+ Cyber security Work Integrated Learning student from Curtin University, Sam Snowden explains the risk of a data breach, highlighting the PROTECT+ best practices to protect yourself in a data breach.
More than 65% of reported data breaches in the first half of 2021 were driven by malicious or criminal intent. And during that same time period, data breaches arising from ransomware incidents increased by 24%. That’s quite a bit of demand for our personal information – and that’s in just six months. In a world where we’re all extremely o , data is currency so keeping ahead of the enemy is critical to protecting you and your loved ones from a potentially malicious data breach.
Here are my top insights about data breaches and how to protect your information should the worst happen.
What is a data breach?
A data breach is an umbrella term for any time that there is an unintended release of confidential data. The Office of the Australian Information Commissioner (OAIC) says: “A data breach happens when personal information is accessed, disclosed without authorisation or is lost.”
Legally, businesses must alert you if your information has been stolen and/or could cause you “serious harm”, which includes stolen payment details (financial harm) or information that could be used to commit identity theft. We strongly recommend to any new customer that they familiarise themselves with the OAIC’s reporting requirements to ensure they know how to respond when a breach happens. The broad definition means things such as video recordings of people playing video games such as Just Dance also count as data breaches.
What data is stolen in a breach?
Depending on the situation, almost any piece of data can be hacked in a data breach. Even more nerve-wracking is that during a breach a company may not know exactly what information has been compromised. The OAIC says contact information remains the most common type of personal information involved in data breaches, but deliberate attacks could also target usernames, passwords or payment data. Malicious activity, like scam calls which are almost a daily occurrence now, can lead to data breaches if you’re not careful enough. As smaller scale data breaches are common, it can be hard to track whether you’ve been affected. Those potentially affected by a data breach can check their details on the Have I Been Pwned website, which (safely) scours known data breaches and alerts you if it finds a match.
I’ve had a data breach! What do I do?
If you find out you have definitely been affected by a breach, assess the situation and check specifically what data was exposed. Even if report says it didn’t affect your password, it is still a good idea to either check your passwords to make sure they are strong or change them to make the account more secure. Even just your email address being leaked greatly increases the chances of your account being attacked or leading to further vulnerabilities.
Other actions you can take include: