Page 194 - Cyber Defense eMagazine September 2025
P. 194
What you need is speed with clarity. Assemble your breach response team legal, security, comms,
compliance and ask the hard questions:
• What exactly was accessed?
• How long has it been going on?
• Is the attacker still inside?
The longer you pretend it’s “under investigation,” the more trust you lose. Transparency isn't just a legal
risk it's a strategic advantage.
Consumers don’t wait to be told
If you're a Qantas customer (or one of the millions watching nervously), don’t sit around for confirmation.
Assume compromise until proven otherwise. Cybercriminals won’t wait for your email to arrive they’ll be
monetising your data by tomorrow.
Verify the breach – don’t fall for the follow-up scam
Ironically, the breach itself often triggers a second wave of fraud. Phishing emails pretending to be from
Qantas will flood inboxes, asking you to “verify your account” or “reset your details.” Never click on email
links after a breach. Go directly to the company’s website or app. Trust your paranoia it might save your
identity.
Check if you’ve been exposed – and act accordingly
Not all data breaches are created equal. A leaked email is annoying. A leaked passport number? That’s
catastrophic.
• Use monitoring tools like HaveIBeenPwned or sign up for dark web scanning through your bank
or a cybersecurity provider.
• For loyalty and travel accounts, scrutinise redemption histories and account logins. Flag anything
out of pattern.
• If ID documents were leaked, report them immediately and request replacements or fraud alerts
with the relevant authorities.
The attackers won’t give you time to think. Don’t give them time to act.
Cyber Defense eMagazine – September 2025 Edition 194
Copyright © 2025, Cyber Defense Magazine. All rights reserved worldwide.
