Third party Data Breach 104-19010804
For the Scams and Identity Theft Helpdesk (SAITH) staff only.
This document outlines the process for staff when identifying and escalating a third party Data Breach.
Actioning advice of a third party data breach
Step |
Action |
1 |
Scams and Identity Theft Helpdesk receives advice of a third party Data Breach + Read more ... Is the Helpdesk already aware of the third party data breach?
|
2 |
What personal information is at risk? + Read more ... Did the third party data breach include any Centrelink, Medicare, Child Support or myGov information?
|
3 |
Third party Data Breach involving Services Australia credentials + Read more ... Encourage the customer to:
Check the customer's records, including myGov (as necessary) for suspicious activity. If appropriate, discuss and offer additional security. See Table 2 Additional security advice for Services Australia in Advice of a scam or theft/loss of personal information. |
4 |
Third party Data Breach involving other identity credentials + Read more ... Encourage the customer to follow the advice provided in the third party breach notification and review the information for individuals published by the Office of the Australian Information Commissioner (OAIC). The Resources page has a link to OAIC. Although the third party breach does not include Services Australia credentials, discuss additional security and offer to minimise the risk of Identity Fraud. See Table 3 Additional security advice for external organisations in Advice of a scam or theft/loss of personal information. |