Diamond IT Blog

How to minimise risks for your business after a data breach

Written by Samantha Cordell | July 9, 2018

 In February 2018 the Australian Notifiable Data Breaches (NDB) scheme came into effect, which means you are now legally required to report any data breaches that occur within your business. But despite efforts to protect your data, some breaches are beyond your control.

With every organisation that suffers a data breach now having to publicly notify each individual and the Australian Information Commissioner of the information involved in the data breach, you are now able to take immediate steps to lessen the impact from the breach for your business. For example when an online company with your personal details gets hacked, you can manage your risks on your own.
 

Use these following practical tips to help you reduce risks of identity theft and other threats for your business.

Tip 1: Determine what was breached

Whether its names, addresses, email addresses, or tax file numbers, it’s critical to know exactly what type of information was stolen before determining what steps to take. For example, if your email address were compromised, you’d take every precaution to strengthen your email security, which includes updating all your login credentials. 

Remember your company has the legal right to ask for and be provided with what type of information was stolen in the data breach.

Tip 2: Change affected passwords immediately after the breach

Speaking of passwords, change yours immediately after any breach, even for seemingly safe accounts. Create a strong password comprised of alphanumeric and special characters, and make sure you never reuse passwords from your other accounts. Or take it further and choose a longer, more complex passphrase with random words, and it becomes even harder for cyber criminals to compromise.

Once you’ve changed all your passwords, use a password manager to help you keep track of all your online account credentials.

If the website that breached your information offers two-factor authentication (2FA), enable it right away. 2FA requires two steps to verify security: usually a password and a verification code sent to a user’s registered mobile number.

Tip 3: Contact financial institutions

In cases where financial information was leaked, call your bank and credit card issuers to change your details, cancel your card, and notify them of a possible fraud risk. That way, banks can prevent fraud and monitor your account for suspicious activity.

Note that there are different rules for fraudulent transactions on debit cards and credit cards.

Credit card transactions are a bit easier to dispute because they have longer grace periods. Debit card fraud, on the other hand, is more difficult to dispute, especially if the fraudulent transactions happened after you’ve notified the bank.

Tip 4: Place a fraud alert on your name

Hackers who have your personal information can easily commit identity fraud. To avoid becoming a victim, contact credit reporting bureaus like Veda which is now known as Equifax, and request that a fraud alert (also called credit alert) be added to your name. This will block any attempt to open a credit account under your name and prevent unauthorized third parties from running a credit report on you.

Putting a credit freeze on your name might result in minor inconveniences, especially if you have an ongoing loan or credit card application. Still, doing so will greatly reduce your risks of getting defrauded.

Need more tips, Diamond can help..

These steps will ensure you don’t fall victim to identity theft in the event of a large-scale data breach.  Also please take the time to revisit our tips on how to avoid data breaches in the first place and also refer to our recent blog article on the NDB Scheme that outlines what will be legally required in the event of a data breach.

If you want to take a more proactive approach to protect your sensitive information against breaches, contact our cybersecurity experts today on 1300 307 907 or via our online contact form below.

 Published with permission from TechAdvisory.org. Source.