What the Optus breach means for Accounting firms
The Optus breach has been all over the news, social media, your inbox. But what does this breach mean for accountants like yourself?
More than 2 million people have had their data leaked in the recent breach. Let’s take a look at what the data leaked was:
- Government identification numbers
- Email addresses
- Date of birth
- Phone numbers
- Driver’s license details
- Passport numbers
How does this affect firms like yourself?
If you don’t use Optus, don’t breath a sigh of relief yet. You might not use Optus, but what about your teammates? How about your clients?
In a breach of this magnitude, it’s important to keep in mind that those in your professional circle might have had their details exposed as well.
Securing your team
Your accounting firm is the custodian of sensitive client information—and your employees are on the frontline in the defense against cyber crime. It is paramount to ensure that your team members are aware of this.
Encourage your team members to let you or your IT team know if any of their details were exposed in the Optus breach, and to change any passwords associated with those accounts that might be the same passwords they use for their company email or apps. If possible, enforce all team members in your firm to change all passwords they use for company email or cloud applications to new ones as a preventative measure in case breaches like this one happen again.
Remind team members never to click on suspicious links in emails or text messages that purport to be from Optus, as hackers could be using the leaked personal information to phish more credentials.
Securing your clients
As with your team, remind clients to be wary of phishing emails, texts, or even phone calls requesting any information relating to the Optus breach.
In the wake of the Optus breach, remind your clients and team members to do the following:
- never use the same passwords for different accounts (one breached account can mean all other accounts with the same credentials can be breached)
- don’t have “easy” passwords (never use your date of birth as a PIN, for example)
- use pass phrases or identity managers (strengthen your passwords as much as possible, or use an identity manage software)
- use multi-factor authentication wherever possible
- be wary of phishing emails (check our guide on Spotting the Phishing Scam here)
More and more breaches and hacks are happening, and cyber crime is only predicted to be rise. Accounting firms are one of the most attractive targets to hackers, which is why we’ve written this article to help out accountants like yourself in knowing what to do when breaches of this magnitude happen.
However, it’s not all bad news. Accounting firms can still take steps to improve their firm’s security with the 3 pillars of holistic cyber security. The proper security measures for cloud and email apps, team training and awareness around cyber threats, and compliance, make all the difference in making sure your firm is prepared against cyber threats.
Need a solution that encompasses security, team training, and compliance for accounting firms? Book a demo with Practice Protect today.