What to Do If You Think Your Personal Data Was Compromised in a Data Breach

Data breaches have become an all-too-common concern for everyone worldwide. Australian consumers, too, have felt the impact of these security incidents. One notable breach that sent shockwaves throughout the world recently involved Ticketmaster, a popular concert booking site. In this breach, cybercriminals gained unauthorized access to sensitive information belonging to 560 million Live Nation/Ticketmaster users¹. Names, addresses, email addresses, phone numbers, and even partial credit card details were exposed, leaving customers vulnerable to potential fraud and identity theft.

But Ticketmaster isn’t the only case. Let’s explore other significant data breaches that have affected Australian consumers:

Data Breaches Over The Past Years

• Canva (May 2019):

  • Impact: A staggering 137 million users were affected.
  • Canva, the Australian unicorn known for its online design tool, fell victim to a monumental breach. Cybercriminals accessed user data, including usernames, real names, email addresses, country data, encrypted passwords, and partial payment details.

• Latitude (March 2023):

  • Impact: Over 14 million customers from Australia and New Zealand were impacted.
  • Latitude, a personal loan and financial service provider, suffered a breach when employee credentials were stolen. The stolen data included full names, physical addresses, email addresses, phone numbers, dates of birth, driver’s license numbers, and passport numbers.

• Optus (September 2022):

  • Impact: Approximately 9.8 million Optus customers were affected.
  • As Australia’s second-largest telecommunications company, Optus faced one of the country’s biggest security breaches. 

• Medibank (December 2022):

  • Impact: A staggering 9.7 million people were impacted.
  • Medibank, Australia’s largest health insurer, experienced a breach that exposed sensitive information. The incident raised concerns about data protection and privacy practices.

What to Do If Your Personal Data Is Compromised in a Data Breach

If you think you’re part of the Ticketmaster data breach or some other breaches. Here are things you can do to protect your personal information:

1. Know How You Are Affected and Confirm the Breach 

• Why Confirm? Confirming the breach ensures you’re not acting on false alarms. Look for signs like unexpected account activity, suspicious emails, or notifications from the breached organization.

• Direct Notification: If you receive a direct notification from an affected organization about a data breach, pay attention to the details provided. This notification should include the type of information involved and specific actions you need to take.
• Check Official Communications: Visit the website of the affected organization and look for any official communications related to the breach. Understanding what data may have been compromised is crucial.
• Use the “Have You Been Hacked?” Tool: The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) provides a helpful tool called “Have You Been Hacked?” Select the option for lost or stolen information and follow the prompts. The tool will guide you on securing your finances, accounts, email, and identity.

2. Be Aware of Scams

• Stay Vigilant: Be on alert of any suspicious emails or messages that may indicate unauthorized access to your data. Scammers often take advantage of data breaches. They may pose as organizations through emails, texts, or phone calls. Always verify communications from an organization through official sources, such as their website.
• Avoid Suspicious Links: If you receive an email asking you to reset your password due to a breach, do not use the links provided. Instead, visit the official website directly or call their verified phone number.

3. Secure Your Accounts

• Change Passwords: If your password has been compromised, change it immediately. Use unique passwords for each online account. Consider using a password manager or creating strong passphrases or consider using an authenticator app for two-factor authentication (2FA) to enhance security¹.
• Review Security Settings: Check other accounts for recent login activity and transactions. Some services allow you to view devices that have accessed your account.

4. Freeze Your Credit

• Contact all three credit bureaus (Equifax, Experian, and TransUnion) to freeze your credit. This helps prevent unauthorized access to your credit history¹.

5. File a Report

• Report the breach to the Office of the Australian Information Commissioner (OAIC). Provide details about what happened and the steps you’ve taken to address it¹.

6. Stay Informed

• Keep an eye on news updates related to the breach. Organizations often provide additional information as investigations progress¹.

Remember, acting promptly is essential when your personal data is at risk. By following these steps, you can minimize the impact of a data breach and protect your information.