version 26.6.3 · Self-Help · Printing~3 min read

What to do immediately after a data breach

You have been told a service you use was breached. The next hour matters: work through these steps in order rather than panicking or ignoring it.

  1. Change your password on the breached account first, and make the new one unique.
  2. Change it everywhere you reused that same password — this is how one breach becomes many.
  3. Turn on two-factor authentication on that account and on your email if it is not already on.
  4. Watch for follow-up scams: breached details are used to make phishing emails look convincing, so be extra wary of messages referencing the breach.
  5. If banking or ID details were exposed, contact your bank and consider a credit ban through the credit bureaus.
  6. For exposed identity documents, ring IDCARE on 1800 595 160 (8am-5pm AEST, weekdays) for free guidance on what to replace.

Still stuck after those?

You’ve done the right thing by trying. Send whedo.it a quick note — what you tried, what you saw — and a senior pair of eyes will be on it the same business day.

+61 421 346 887
5.0
★★★★★ on Google · loading…
Read all on Google →