Responding to a data breach: What the ACSC recommends

Understanding Cybersecurity

Recent cyber breaches have shone a spotlight on the importance of data security. From the Optus breach, to the MyDeal one, and to the most recent Medibank hack, it’s emphasised now more than ever that any firm privy to client data should take their data custodian duty seriously.

In light of these cyber events, the ACSC are reminding businesses to ensure their data is secure, and to be aware of the Notifiable Data Breach Scheme.

The Notifiable Data Breach Scheme

The Notifiable Data Breach scheme requires that any organisation or agency the the Privacy Act 1988 covers must notify any affected individuals and the OAIC when a data breach has occurred at their firm.

A data breach happens when personal information is accessed or disclosed without authorisation or is lost.

If you’re a business that has access to client’s personally identifying information, you’re required to report a breach if it happens.

How can small businesses respond to a data breach?

Every breach is different, from the type of information compromised, to the remediation needed in order to contain or respond to the breach. 

However, once a breach has happened or is suspected in a business, these are the basic steps one should take:

  • Change any passwords that could have been compromised
  • Be on alert for phishing emails or calls
  • Do not click on any links in emails or messages that ask for passwords, password resets, or verification information

Keeping your data safe

Accounting firms are privy to sensitive client information. From bank logins and email systems, to the devices your team members use, these are our top tips for keeping data safe:

  • Have secure, unique passwords for your accounts. We recommend using passphrases that are more than 8 characters in length.
  • Be aware of what personal data you share online, and limit what personal information you share on public profiles
  • Secure your devices and accounts

Prevention is better than a cure. Now that you know what to do in the case of a breach at your firm, it’s time to find out how to prevent breaches from happening, and mitigate the risk of a cyber event at your firm.


Talk to Practice Protect, the world’s #1 cyber security platform for accounting firms, to see how we can help. Book a demo with our team below:

 
Read more

The True Cost of Cybercrime in the US

Cybercrime is on the rise in the United States, and accountants are on the frontline when it comes to being targeted by cybercriminals. Learn common attacks and how to prevent them. Read more

Cybersecurity Training for Accountants: Best Practices and Top Solutions

In the intricate world of numbers and financial data, this guide emphasizes the indispensable nature of cybersecurity training for accountants, unveiling industry-specific best practices and highlighting Practice Protect as the go-to cybersecurity shield. Read more

How secure are password managers for accountants really?

Amidst increasing digital threats and recent breaches, accounts are being forced to ask themselves, how secure is my password manager really? Accountants need unparalleled security and peace of mind for their clients’ data. Read more