FOOTBALL AUSTRALIA INCIDENT RESPONSE
IDCARE as Australia’s national identity and cyber support community service has been engaged by Football Australia to assist individuals who have been notified by Football Australia in relation to the cyber incident. As you were informed in the notification from Football Australia, certain Football Australia cloud storage data repositories were inadvertently made publicly accessible due to a system misconfiguration (not malicious activity). That misconfiguration has been rectified.
Football Australia have prepared a response page on their website. Keep abreast of developments in relation to this cyber incident by visiting Football Australia's website.
IDCARE’s Role in Supporting You
IDCARE is an independent charity focused on supporting community members that have concerns about their personal, account or credential information.
We have been asked by Football Australia to extend our support to impacted persons via the provision of expert advice and IDCARE specialist Case Management services are available.
IDCARE Case Managers work every day with community members who experience the compromise or exploitation of their personal information. They understand the real risks, concerns and needs of our community.
General recommendations are provided below. If you have specific concerns or would like to seek further guidance on the recommendations, please submit an Individual Get Help Form and use the reference code provided in your notification.
Note that IDCARE's National Case Management specialises in cases where individuals believe they have experienced identity exploitation and misuse or have grave concerns about this risk.
General Advice and Guidance
The accessibility of personal information such as name, date of birth, and contact details can heighten risks around scammer engagement. In fact, notifications about a breach itself can also heighten risks, as scammers can seek to impersonate Football Australia, the Australian Professional Leagues, or your associated Club when engaging with you.
Remain scam vigilant by:
- Assuming that communications you receive may be from a scammer.
- Make your own enquiries using an alternative contact method to the one they used.
- Never give remote access to your devices if asked by someone who engages you.
- Keep your passwords and codes to yourself. Sharing these with scammers may mean you breach the terms and conditions of the account providers (such as your bank) and any chance of recovering funds highly unlikely.
- Staying abreast of the latest scams by visiting Scamwatch or by subscribing to IDCARE’s free community awareness bulletin, Cyber Sushi
If you believe you have responded to a scam engagement, please complete an IDCARE Get Help form to request assistance.
Response Recommendations by Credentials
IDCARE has formed response recommendations relating to the credentials potentially exposed as a result of the Football Australia cyber incident. Football Australia has informed IDCARE that not all attributes were exposed for each individual impacted. Please refer to your incident notification for specifics on what information of yours was accessible.
Join the global list of organisations making a real difference in people’s lives by supporting our service.
