How to protect yourself from a data breach

Oct 12, 2022

Data breaches, and the way that businesses handle customers’ personal information, have been in the spotlight over the last few weeks.

Between the Optus data breach which has seen more than 9.5 million Australians’ personal information potentially compromised, and the Pegasus Group data breach, which exposed the full names and email addresses of in excess of 72,000 employees from 15 companies including Telstra and NAB, it is more apparent than it has ever been that individuals should carefully consider how and to whom they share their personal information.

How to protect your personal information

There are a number of proactive steps that you can take to protect your personal information, including by:

  • Reading and ensuring that you understand the privacy policies and practices of the businesses to which you share your personal information;
  • Creating strong passwords, or even pass-phrases wherever possible, and ensuring that your passwords differ between accounts;
  • Checking your credit report to ensure that your credit information is correct and up to date; and
  • Utilising security software on your computer.

As we have seen in recent weeks however, there may be occasions where your personal information is compromised despite your best efforts to protect that data.

What to do if your information was exposed in the Optus data breach

If you are concerned that your information may have been exposed in a data breach, you can mitigate your risk from the breach by:

  • Enabling multi-factor authentication for all your online accounts;
  • Carefully monitoring your bank accounts for any suspicious activity;
  • Contacting your bank to inform them that you are (or may have been) a victim of a data breach and discuss measures that can be taken to protect your finances; and
  • Contact the issuer of any identification documents, such as the Australian Passport Office or VicRoads, to obtain new documents with a new number.

We have also set out some additional pointers to mitigate your risk, for those of you who have been specifically impacted by the Optus data breach:

  • If anyone calls you claiming to be from Optus, insist on calling back using only the number listed on the Optus website;
  • Do not click any links contained in text messages or emails claiming to be from Optus;
  • Do not provide your bank account details, or any other personal information to anyone claiming to be from Optus; and
  • Keep an eye on the ACCC’s ScamWatch to ensure you are up to date with any known scams being run in relation to this breach.

We also recommend that you visit the Optus website here:, and the OAIC website here:, for more information regarding the Optus data breach.

If you have any specific queries regarding privacy and data protection, don’t hesitate to reach out to KKI’s Commercial Team.