When a breach compromises client data: Lessons from Medibank

Cyber News

An update on a big breach in Australia has come on the heels of news of other breaches (see: Optus breach and Woolworths breach). Medibank Private Ltd, Australia’s biggest health insurer, has announced that a cyber hack compromised the data of all of its customers.

Nearly 4 million customers had their data compromised, meaning all personal and significant amounts of health claims have been laid bare for the hacker.

A wake-up call

While the Medibank breach is still a developing case, it’s a wake-up call to firms that are in charge of any kind of client data. Comparisons can be drawn from the health industry that stores sensitive client information to the financial services industry, especially accounting firms, that similarly are data custodians for their clients.

With the amount of client data accountants are privy to, it’s not a stretch of the imagination that an accounting firm is an attractive target to cyber criminals.

Professionals in the cybersecurity space have stated that most companies would receive cyber attacks and should have a recovery plan. Having confidential data backed up frequently in a secure location is the best way to ensure hackers could not access it.

Maintaining client trust in your business

A data breach can impact a firm in a myriad of ways. The most obvious one is the financial aspect. In this breach, malicious actors are asking that a ransom be paid for the restoration of the data. There is also a significant amount of finances going towards breach remediation and securing the assistance of cyber incident professionals in this case.

However, the biggest thing that accounting firms must take note of in this breach is the loss of client trust in the affected business. While your accounting firm might not be a huge corporation like Medibank or Optus, your clients implicitly trust you with their data. Their bank accounts, their personal data—clients do business with your firm confident that you’re a trustworthy data custodian.

The best way small businesses can affirm this trust their clients have in them is by showing that they are taking steps to protect client data. Firms should not only review processes and educate their team members, but best practices for cyber security should also be enacted.

Access management, threat detection and antivirus systems, and breach response controls should be employed by accounting firms in ensuring client data is safe—and assure that your clients are placing their trust in a business that values their client data.

Want to know how 20,000 accountants all over the world are securing their data with Practice Protect, and reinforcing client trust? Book a demo with the team here.

 
Read more

The Rise of Access Brokers – What It Means for Accountants

With the rise of cyber threats targeted at accounting professionals, it's crucial to understand the risks posed by initial access brokers and how solutions like Practice Protect can be essential in safeguarding their data. Read more

Staff Cyber Security Awareness Training During Tax Season: Essential Actions for Accountants

Explore actionable cyber security awareness training tips for accountants during tax season. Discover how Practice Protect, America's leading cyber security platform for accounting professionals, fortifies your firm against cyber threats. Read more

FTC Safeguards Rule Compliance – A complete guide for Accountants and Bookkeepers

The FTC safeguards rule has captured a lot of attention in recent years among the Accounting, Bookkeeping and Tax preparer community. With its complexities and implications, this regulation has left many practitioners pondering what it truly means for their practices and whether proactive steps are required. Working with over 24,000+ accountants and bookkeepers, we have […] Read more