Data breach
A data breach is a security incident where unauthorized access is gained to a system, resulting in the theft of private confidential information.
Share this
Last Updated30/07/2024
What is a data breach?
A data breach is a security incident where unauthorized access is gained to a system, resulting in the theft of private confidential information.
This can include personally identifiable information (PII), your personal health information, or the intellectual property of a business.
It's not uncommon for legitimate organisations to have their data compromised, which might mean your data has been affected.
What happens to my data in a data breach?
Sometimes the data may be made available for purchase and download on the Dark Web. Criminals may use the information from these data leak breaches to try to access your accounts (also known as an account breach) or create new accounts in your name.
If your personal information has been shared online following a data leak, this is known as a privacy breach.(/online-abuse-and-harassment/privacy-breaches)
Having your information leaked can be highly distressing. If you have had a privacy breach you can contact Netsafe for further support and advice.
What can you do if your data has been breached?
Netsafe recommends the following steps if you suspect your data has been compromised:
- Consult the Identity Theft Checklist(https://www.dia.govt.nz/diawebsite.nsf/Files/EOI/%24file/identity_theft_checklist_pdf-a.pdf): This is a helpful guide on what could happen with your information.
- Contact iDCare(https://www.idcare.org/): They provide free support and are skilled at helping people in New Zealand who believe their details could be compromised. You can reach them at 0800 121 068.
- Report the incident to your bank: Inform your bank as soon as possible so they can advise you on the necessary steps to take.
- Undertake a credit check(https://www.govt.nz/browse/consumer-rights-and-complaints/debt-and-credit-records/check-your-own-credit-report/): Check for any suspicious activity or accounts opened in your name.
- Change breached account passwords: Make sure not to use the same password across multiple accounts to protect yourself from further breaches. Click here to read more about how to choose a good password.(/online-safety-at-home/how-to-choose-a-good-password)
- Read information on the Privacy Commissioner’s website(https://www.privacy.org.nz/privacy-for-agencies/data-breaches/responding-to-data-breaches/): Get informed about data breaches and your rights.
- Stay alert: Be cautious of any emails or calls asking for suspicious information, such as your passwords or account details. Legitimate organizations will never ask for the passwords to your online accounts unless you contact them first.
Is there a way to check if my data has been used anywhere?
You might want to visit Have I Been Pwned?(https://haveibeenpwned.com/) to see if your details have been compromised. The site acts like a repository of data breaches and lets you check to see if your account has been compromised. Note that Netsafe is not affiliated with this website and has not verified the data contained there.
The data breach has happened in my company, what can I do?
CERT NZ(https://www.ownyouronline.govt.nz/business/) provides advice for businesses and organizations affected by cybersecurity incidents such as data breaches(https://www.ownyouronline.govt.nz/business/know-the-risks/common-risks-and-threats-for-business/data-breaches/). Visit their website for detailed guidance.
You can contact Netsafe seven days a week for free, confidential and non-judgmental advice about an online issue impacting you or someone you know.