CHRG Cyber Incident Support Plan
Stay informed about online safety and cybersecurity practices through reputable sources like the Australian Cyber Security Centre website or the ACCC’s Scamwatch website
To safeguard yourself against potential risks, CHRG recommends taking the following steps:
1. Set up multi-factor authentication to add an extra layer of security to your accounts.
Multi-factor authentication is when you need 2 or more proofs of identity to be able to log into your account. We have set this up internally for you at CHRG For your non-CHRG accounts, learn how to set up multi-factor authentication.
2. Install software updates regularly to keep your devices secure.
Software updates are new, improved, or fixed versions of software or apps. Regular updates help improve CHRG’s security. Please reset your devices regularly to ensure our updates are installed into your device. Learn how to stay secure online and update your devices
3. Create strong and unique passphrases or passwords.
Use different passphrases for each of your accounts. This will limit the impact of any of your passwords being involved in a data breach. A password manager can help you with creating or storing unique passphrases. Learn about setting secure passphrases and using password managers
4. Remain vigilant and monitor for any suspicious activity, such as:
• emails sent from incorrect email addresses;
• content with spelling or grammar mistakes;
• emails asking you to click on a link or unusual attachments; and
• any calls or unusual requests for personal information, payments, or proof of identity.
If you suspect that you may have been victim to cybercrime, the Australian Cyber Security Centre has a useful resource to assist with what to do next – Have you been hacked? | Cyber.gov.au
In addition to the above, the following steps can be undertaken to limit the risk of harm that may arise:
• Inform your relevant Service Providers such as financial institutions, super funds, Government agencies or other service providers to be aware of any suspicious activity;
• Consider if you should replace your Passport based on guidance by the Department of Foreign Affairs and Trade and take appropriate action as required Further information from the Department of Foreign Affairs and Trade can be found here
• Consider if you should replace your Drivers’ Licence at Service NSW here and take appropriate action as required;
• If you have concerns about the Tax File Number information provided, you can contact Australian Taxation Office’s Client Identity Support Centre at identitysupport@ato.gov.au or on 1800 467 033 (available 8am to 6pm on Monday to Friday). Please note that we have informed the ATO of the Cyber incident affecting Castle Hill RSL Club Limited ABN 35 001 043 910 (operating as CHRG).
• Obtain a replacement Medicare Card or a new Medicare number via your Medicare online account through myGov or the Express Plus Medicare mobile app Further information from Services Australia can be found here. Your Medicare account cannot be accessed with your
Medicare card number alone. Unlike a scan or copy of a Medicare card, a Medicare card number by itself cannot be used as proof of identity. If you are concerned about the security of your Medicare account, please visit Services Australia's Website for more information on how you can protect your personal information after a data breach.
• If your Centrelink CRN may have been exposed during the cyber incident and we have already told Services Australia about this on your behalf. To reassure you, your CRN by itself cannot be used as a proof of identity You do not need to request a replacement Centrelink concession card (if you have one). If you are concerned about the security of your Centrelink account, you can contact Services Australia to add a verbal password. To increase the security of your online accounts, please consider using strong passwords and multi-factor authentication. Please visit Services Australia's Website for more information.
• In the event of a Birth, Death or Marriage Certificate being impacted, you should inform your relevant state Registry of Births, Deaths and Marriages to be aware of any suspicious activity. NSW Registry of Birth, Deaths and Marriages can be contacted on 13 77 88.
• The Services Australia Scams and Identity Theft help desk can be contacted on 1800 941 126 or via its website at Scams and identity theft - Managing your money - Services Australia;
• You can seek the assistance of IDCare via its website at https://www.idcare.org;
If you have concerns about identity theft, you can apply for an annual free credit report via the following credit reporting agencies:
o Illion at https://www.creditcheck.illion.com.au/; or
o Experian at https://www.experian.com.au/consumer/order-credit-report;
Further information about online safety, cyber security and other helpful tips can be found at the Australian Cyber Security Centre website or the ACCC’s Scamwatch website.