If a system you develop or administer has a data or identity breach, you should advise us as soon as possible. We can work with you to minimise the impact and help protect you and your clients. We can also help you manage the breach.

A data or identity security breach may include:

• identity details being accessed or seen by an unauthorised third party
• identity details being lost or stolen due to illegal access by a third party activity (e.g. common online threats such as malware, spyware or ransomware).
• mistakenly providing information to the wrong person, for example sending details out to the wrong email address.

To report a data or identity breach, email us at DPO@ato.gov.au or phone 1300 139 052 between 8.00am – 6.00pm EST, Monday to Friday.