Protect Your Data

In the wake of multiple massive data breaches, the Home Affairs Minister is expected to announce several new security measures. At the top of the Minister’s list of priorities, banks and other institutions will be informed faster in the event of a similar data breach, so they can take immediate action to upgrade security and monitor customers who have had their personal details stolen.

While the seamless communication of critical information seems a logical response to a data breach, privacy protections currently prevent this from occurring.

On the Rise

A data breach occurs when an unauthorised person – or hacker – accesses sensitive data by copying, transmitting, viewing, or stealing it. Typically, they will exploit this data to commit identity theft, insurance fraud, and/or other cybercrimes that bring about significant financial gains.

Data breaches are on the rise, and they are increasingly damaging, particularly in the financial and healthcare industries. The Optus data breach saw hackers steal the personal details of up to 9.8 million Australians.

And, while the Government is revising its cybersecurity frameworks and policies to strengthen resilience against nation-state threat actors, it’s up to businesses to protect themselves by maximising their own security with the implementation of additional data breach prevention controls.

Six Steps to Increase Protection

  1. Limit access to your most valuable data.
  2. Make sure any companies/third-party vendors that have access to your important data are complying with privacy laws.
  3. Conduct employee security awareness training.
  4. Regularly update software.
  5. Develop a cyber breach response plan.
  6. Make it as difficult as possible for thieves to break in and steal your information by insisting on difficult to decipher passwords.

In the event of a data breach

Under the Notifiable Data Breaches (NDB) scheme any organisation or agency covered by the Privacy Act 1988 must notify affected individuals and the OAIC when a data breach is likely to result in serious harm to an individual whose personal information is involved. Visit: for more information.