Data Breaches and You

<  Back to Fact Sheets
What is a data breach 

A data breach is the unauthorised disclosure or loss of personally identifiable information or information that may lead to a person becoming identifiable that is inconsistent with what was agreed when first collected. Not all data breaches occur through hackers attempting to steal sensitive data. 

Data breaches can include inappropriate destruction of information, loss of physical files, or the storing of information with third parties without permission. Data breaches can result in serious harm and the reporting of such events to impacted individuals will become mandatory in Australia in 2018 for Commonwealth Privacy regulated organisations (see oaic.gov.au). 

Ways you can detect a breach? 
  •  An organisation can inform you that your information has been “breached”, “leaked”, “lost” or some other term – some organisations don’t like to call a breach a “breach”. 
  • You read about it in the media – a lot of data breaches are being reported to the media from responsible organisations because they may not have up to date contact information. 
  • You experience the misuse of your identity information but don’t know how such information was originally compromised 

If it happens to you, here are some questions you may wish to ask? 
  • What specific information of mine has been breached? 
  • How was my information breached? 
  • What has the responsible organisation done to respond to the breach and how have they subsequently protected my information? 
  • How long did it take to notify me of the breach from when the organisation first detected it? 
  • What remedies is the organisation offering impacted people? (for example, support services, credit monitoring, product/service refunds, additional security etc.)? 

Here are some prevention tips 
  • ‍Take the time to understand why your information is being collected, how it will be secured, how long it will be stored, who it will be shared with, and how it will be discarded (it’s your right to know this). 
  • Ask whether they have experienced a data breach or do some searching with the Privacy commissioner website to see if they have a track record of breaches. 
  • Work out what’s important to you and protect it. If they ask for photo ID, produce something other than a licence or passport if you can (these are high risk credentials). 

Knowing your privacy rights 

We all have rights in relation to the protection of personal information. Privacy legislation in Australia and New Zealand requires regulated entities to protect your information that identifies you. It is important to understand these rights, particularly when they are threatened by identity compromise and misuse, including data breach events. The Privacy Commissioner websites in Australia and New Zealand are the best sources of information on these rights. This Fact Sheet introduces the basics and provides some tips if your identity information is compromised.

For more information please see our Knowing Your Privacy Rights Fact Sheet.  

print
Disclaimer

Identity Care Australia & New Zealand Ltd (IDCARE) provides identity and cyber security incident response services (the Services) in accordance with the following disclaimer of service:

IDCARE is Australia and New Zealand’s national identity and cyber incident community support service. We are a not-for-profit charity.

  • The Services provided do not constitute legal advice. IDCARE recommends that you consult a solicitor in relation to your legal rights and obligations, including but not limited to your legal rights or obligations under Australian and international privacy and data protection laws.
  • While every effort has been made to ensure the accuracy of the information in this product or service, to the maximum extent permitted by law all conditions, terms, representations, and warranties (in each case, whether express or implied) in connection with the provision of the Services which might otherwise be binding upon IDCARE are excluded.
  • IDCARE’S liability for any loss or damage suffered by any person or organisation (including, without limitation, any direct, indirect or consequential loss or damage) arising out of or in connection with the Services (including without limitation liability for any negligent act or omission, or statement, representation or misrepresentation of any officers, employees, agents, contractors or consultants of IDCARE) shall be limited to the fees paid by you to IDCARE in respect of the Services. For the avoidance of doubt, this limitation of liability extends to any liability arising from any actions performed or not performed as a result of any recommendations made in course of providing the Services.
  • The Services provided by IDCARE are intended to be provided solely to the initial recipient of this document or service and IDCARE will not be liable to any other person who may receive this document.

While every effort has been made to ensure the accuracy of the information in this alert, IDCARE disclaims any liability to any person in respect to any actions performed or not performed as a result of the contents of the the Services or any accompanying data provided. Wider dissemination may be permitted by authority in writing from IDCARE’s Managing Director. If you would like to provide feedback please use our Feedback Form.

CONTACT US

IDCARE is here to provide you with specialist support and guidance when faced with a cyber and identity related issue. Contact one of our Identity & Cyber Security Case Managers to learn more about our Support Services and how we can help you.   

Get help
ONLINE FORM

Submit a web request

Call Centre Icon

Call our AUSTRALIAn
NATIONAL CASE MANAGEMENT CENTRE

1800 595 160

Mon - Fri: 8am - 5pm AEST

QLD: 07 3555 5900
ACT & NSW: 02 8999 3356
VIC: 03 7018 2366
NT, SA & WA08 7078 7741

Call Centre Icon

call our NEW ZEALAND
NATIONAL CASE MANAGEMENT CENTRE

0800 121 068

Mon - Fri: 10am - 7pm NZST

AKL: 09 884 4440

Registered Charity

IDCARE as a registered charity does not ask individuals to donate or pay for our front line services. We are not a charity that can receive tax deductible donations.
We rely on organisations that care enough about you to care about us to keep our charitable service going. Proudly these organisations are displayed above and on our Subscriber Organisations page.
If you are asked for payment from someone claiming to be from IDCARE, please report this to us using our Report Phishing email.

Translating and interpreting service

IDCARE has access to the Department of Social Services’ Free Interpreting Service, delivered by the Translating and Interpreting Service (TIS National). Access to the Free Interpreting Service is provided to assist you to communicate with non-English speaking people who hold a Medicare card. Please note that the service does not extend to New Zealand citizens or residents who do not hold an Australian Medicare card, or to tourists, overseas students or people on temporary work visas.

Translating and interpreting service

New Zealand Relay provides services to help Deaf, hearing impaired, speech impaired, Deafblind and standard phone users communicate with their peers.
A TTY user connects to New Zealand Relay via a toll-free number and types their conversation to a Relay Assistant (RA) who then reads out the typed message to a standard phone user (hearing person).

The RA relays the hearing person's spoken words by typing them back to the Textphone (TTY) User.

National Relay Service

The National Relay Service (NRS) is an Australian government initiative that allows people who are deaf, hard of hearing and/or have a speech impairment to make and receive phone calls.

The NRS is available 24 hours a day, every day and relays more than a million calls each year throughout Australia.





Copyright © , IDCARE. All Rights Reserved.

ABN 84 164 038 966

IDCARE - Australia and New Zealand’s national identity and cyber support service.