Report an incident
Reporting cyber security incidents helps us to form a detailed view of cyber security threats and make sure you receive the right help and advice.
All information provided to us is held in the strictest confidence.
We recommend you have a tried and tested incident management plan in place to help limit damage, improve recovery time, and help safeguard your organisation.
How to report an incident
Email [email protected] or call the 24⁄7 Hotline for urgent assistance on 1300 CYBER1 (1300 292 371)
When should I report a cyber security incident?
The types of cyber security incidents you should report are:
suspicious system and network activities such as:
domain administrator accounts being locked out due to failed authentication attempts
unusual authentication events on remote access systems
service accounts communicating with internet-based infrastructure.
compromise of sensitive information
unauthorised access or attempts to access a system
emails with suspicious attachments or links
denial of service attacks
suspected tampering of electronic devices.
If you think you have been the victim of cybercrime, report it to the Australian Cybercrime Online Reporting Network.
Report a scam
Report scams to the Australian Competition and Consumer Commission’s Scamwatch.
Report a data breach
If your organisation has had a breach of data that is likely to result in serious harm to any individuals whose personal information is involved in the breach, you may have legal obligations under the Notifiable Data Breaches scheme.
Report a vulnerability
Please report any cyber security vulnerabilities you discover that are not yet publicly known, if they are:
high-impact vulnerabilities that may affect many users, critical > national infrastructure or physical safety and could occur in > software components, protocols or hardware
vulnerabilities in websites or systems for big business or > government agencies.
Coordinating the disclosure of vulnerabilities can minimise the potential harm caused by those vulnerabilities being exploited. This disclosure will give vendors and developers more time to mitigate the vulnerabilities and enable affected systems of national interest to reduce their exposure.
To discuss how to report a vulnerability and our policies and procedures around vulnerability disclosures, contact [email protected]