The recent large-scale theft of Optus and Medibank customer data has drawn nationwide attention. It is fair to say that the vast majority of people living in Australia have received alert emails from these two companies lately, and that is not counting the data attacks that were prevented in advance or those of smaller scale.
The Optus incident has largely passed — replace the documents that need replacing, change the passwords that need changing. The Medibank breach that emerged more recently, however, keeps escalating and is turning out to be even more serious than first reported. Medibank has now admitted that the data of all 3.9 million customers has been hacked, with personal health information and Medicare numbers exposed. There is evidence that some customers’ personal and health claims data has already been deleted by the criminals. More information is likely to be at risk, and the number of affected users is expected to rise sharply.
What measures has Medibank taken?
– Customers whose identity information was leaked will receive free identity monitoring services
– If you need to replace identity-related documents, Medibank will reimburse the cost
– Deeper assistance is also on offer, providing financial support to customers placed in a disadvantaged position because of this incident
– A mental health and wellbeing support hotline is available to all customers
Nearly a quarter of people in Australia are certain their personal data has been stolen
Australia has always placed a strong emphasis on the protection of personal information. However, many attacks happen without your knowledge, or, as with Optus and Medibank, are genuinely hard to guard against…
SEC Newgate’s Mood of the Nation survey ran a timely piece of research:
– 23% of respondents are absolutely certain their personal data has been stolen or attacked (a figure that will likely rise over the coming months)
– 19% were unsure but thought it was possible
– Close to 50% believe they may fall victim to a cyber attack or data breach
Respondents aged 35–49 feel somewhat more likely than others to have their data attacked, leaked, or otherwise fall victim.
Both major companies have been hit — how do you protect yourself?
– More than 20% of those surveyed said they had cancelled online subscriptions in the past month
– Up to 70% have been busy changing passwords
– And over 60% have enabled two-factor authentication on their accounts, for example phone + email
So if you haven’t done it yet, time to pick up the habit?
The government steps up penalties significantly
– Last Friday the government announced tougher penalties. For companies involved in serious or repeated data breaches, the maximum fine has risen from AUD 2.2 million to AUD 50 million — a very clear deterrent
– Offenders may also face a fine of three times the value of “any benefit obtained” through the misuse of information, or the equivalent of 30% of adjusted turnover during the breach period
How can you tell in daily life whether your personal information has been leaked?
There is a rough method you can try: search for your personal details on Google, for example your phone number or email address.
Small everyday habits can go a long way toward protecting your information.
– When using public Wi-Fi, watch out for unsafe networks that may leak your information
– When logging in to unfamiliar websites, or using public computers/networks, do not casually enter bank card details
– Stay alert when filling in personal information
– Change passwords regularly and use complex combinations
– Periodically search for your own personal details online to see whether anything has leaked
If you receive a suspicious phone call, email, or message — especially one asking you to pay money — be extra careful!
