On Saturday May 9 2020, we experienced a malware incident that caused a system outage.

For system outage updates, go to this page.

Your money is safe and secure.

As a result of investigations undertaken so far, MyBudget can confirm that a malware incident occurred which interrupted a number of our automated systems. 

Our priority was to restore systems and to continue serving clients throughout the outage. Automatic payments resumed on Monday 18 May, while the client web portal and mobile app were restored on Friday 22 May, 2020.

We can assure you that clients’ money is safe and secure, and remained so throughout the outage.

Appropriate forensic investigations, typical for these types of investigations, are ongoing and this page will be updated with any new information.

Frequently Asked Questions

We expect that you will have questions about the outage and its causes, including possible concerns for your personal information.

These FAQs will help to provide answers.

As a result of investigations undertaken so far, MyBudget can confirm a malware incident.

The number one priority for MyBudget has been focused on restoring systems to help clients, and we can ensure you that our clients’ money remains secure and has not been impacted.

We needed the time to do the due diligence and forensics (which is typical for these types of incidents).

Our investigation is comprehensive and ongoing. We are taking all cautionary measures and are working with leading experts.

We needed the time to do the due diligence and forensics (which is typical for these types of incidents).

The number one priority for MyBudget has been focused on restoring systems to help clients.

At the same time, we were seeking advice and conducting investigations to fully understand the situation.

It is usual for these types of investigations to take some time and we did not want to take any steps that would compromise the investigation. 

We have been able to progressively restore systems from backups, whilst ensuring clients’ money remains secure and has not been impacted. We are expeditiously investigating the scope of the incident and working with law enforcement bodies and government agencies to assist. 

At present, the investigation is still ongoing, and there is no credible evidence that significant data was accessed or will be misused. However, we can't rule this out and are taking all cautionary measures. We’re working with leading experts, government agencies and law enforcement bodies to take appropriate action.

In the coming days we will be taking the precautionary measure of advising all clients and staff of steps they can take to protect against potential data misuse. As we know more, we will advise our clients and employees as appropriate.

Malware is a virus intentionally designed to cause damage to a computer, server, client, or computer network. 

As a result of the investigations undertaken so far, we have confirmed that this incident is the result of a third party deployed ransomware.

At this stage, the unidentified third party behind the incident most likely gained unauthorised access through network changes that occurred during a time when the business rapidly mobilised its teams to work remotely during COVID-19. 

At this stage, the unidentified third party behind the incident most likely gained unauthorised access through network changes that occurred during a time when the business rapidly mobilised its teams to work remotely during COVID-19. 

We do not know the identity of the individual but understand that a number of Australian businesses have also been recently targeted.

We have referred all details to Cyber-Crime investigators and they are taking this matter very seriously.

We treat all cyber-crime threats to our business very seriously, and will continue to work with law enforcement and government agencies as necessary to take appropriate action.

MyBudget has been working with leading external security experts and following best-in-practice advice to do everything possible to get systems back online in a safe and secure manner.

The Office of the Australian Information Commissioner and the Australian Cyber Security Centre have been notified and MyBudget will continue to be in regular contact on the progress of the incident. 

In the coming days we will be taking the precautionary measure of advising all clients and staff of steps they can take to protect against potential data misuse. As we know more, we will advise our clients and employees as appropriate.

It has been a huge challenge balancing getting our systems back online to service our clients in the best way we know how and simultaneously managing a ransomware threat.

As a business that has been operating for over 20 years, this incident is unprecedented for us and as such we selected the very best people in the business to help manage a thorough step by step process to get us to where we need to be.

MyBudget has been working with leading external security experts and have been following best-in-practice advice and is doing everything possible to get systems back online in a safe and secure manner.

The Office of the Australian Information Commissioner and the Australian Cyber Security Centre have been notified and MyBudget will continue to be in regular contact on the progress of the incident.

We are also working with Cyber-Crime investigators at various law enforcement agencies.

At present, the investigation is still ongoing, and there is no credible evidence that significant data was accessed or will be misused. However, we can't rule this out and are taking all cautionary measures. 

In the coming days we will be taking the precautionary measure of advising all clients and staff of steps they can take to protect against potential data misuse. As we know more, we will advise our clients and employees as appropriate.

Yes. Any late payment fees, dishonour fees or overdrawn account charges incurred during the outage will be reimbursed. MyBudget has strong relationships with creditors and are working closely to reduce any impact to existing payment arrangements. In some cases this may include extending and re-setting payment arrangements, holding collection activity and reviewing charges incurred. Support options vary by creditor and may differ depending on individual circumstances. 

Please be assured that any late fees incurred as a result of the incident, will be reimbursed to you.

For your convenience, you can submit your reimbursement claim online: www.mybudget.com.au/reimbursement

Please submit a separate form for each reimbursement claim.

We are implementing fee relief plans for individuals impacted by the outage. Please speak with a client care member so that we can discuss your situation and update your budget, accordingly.

On a precautionary basis, we recommend all of our employees and clients remain vigilant to telephone, SMS, email and social media phishing scams requesting your personal details or the payment of money. Avoid opening attachments from unknown senders and ensure that any communications received from MyBudget or creditors are legitimate before responding.

General guidance

Although not related to this incident, as part of good cyber hygiene you should:

  • Change your online account passwords regularly, use a separate password for online banking, and use a password manager for remembering multiple passwords.

  • Never email yourself passwords for online accounts and confirm if your online accounts are secure by visiting https://haveibeenpwned.com/.

  • Enable multi-factor authentication for your online accounts where possible and ensure you have up-to-date anti-virus software installed on any device used to access online accounts.

More information about phishing scams and protecting your identity is available here:

The OAIC (Office of the Australian Information Commissioner) have provided a number of helpful resources recently as part of Privacy Awareness Week 2020:

If you are concerned about the potential misuse of your personal information you can contact IDCARE is Australia and New Zealand's leading national identity and cyber support service. You may visit IDCARE’s Learning Centre for further information and resources on protecting personal information (www.idcare.org).

Current investigations demonstrate no credible evidence that sensitive employee or client data has been accessed. You may still wish to obtain your credit report from credit reporting bodies. This will help you identify any unauthorised or suspicious activity on your Credit File.

To monitor your financial records, you can apply for an annual free credit report from each of the consumer Credit Reporting Agencies below: 

If you are concerned about data misuse, you should consider requesting that a 'credit ban' be put in place while you investigate further. When a ban is put in place it ‘freezes’ access to your credit file and Credit Reporting Agencies are not able to disclose any personal information from your consumer credit file to any credit providers unless you provide written consent for them to do so, or if they are required by law. You are able to later lift this ban if you need to later apply for credit.

IDCARE

If you are concerned about the potential misuse of your personal information you can contact IDCARE is Australia and New Zealand's leading national identity and cyber support service.

You may visit IDCARE’s Learning Centre for further information and resources on protecting personal information (www.idcare.org).

IDCARE provides learning resources to help people understand personal information security. For example:

icon

What is a Credit Ban?

When a ban is put in place it ‘freezes’ access to your credit file. 

Read More

icon

What is a Credit Report?

A credit report is a snapshot of your credit related history.

Read More

icon

What is Malware?

Malware is a form of software (a virus) that encrypts files.

Read More

How to Review Your Credit Report

To monitor your financial records, you can apply for an annual FREE credit report from each of the consumer Credit Reporting Agencies:

Equifax - www.mycreditfile.com.au/products-services/my-credit-file

Illion - www.illion.com.au/#illion-for-individuals

Experian - www.experian.com.au/consumer-reports 

Compuscan - www.compuscan.com.au

If you are concerned about data misuse, you may consider requesting a credit ban be put in place while you investigate further. A credit ban  ‘freezes’ access to your credit file. 

Credit Reporting Agencies are not able to disclose any personal information from your consumer credit file to any credit providers, unless you provide written consent for them to do so, or if they are required by law. 

You are able to lift this ban if at any time you wish to apply for credit.

Please rest assured that your money remains safe and protected despite these recent activities.

We are genuinely, deeply sorry that this incident occurred and we apologise for any concern or inconvenience. MyBudget has been working with leading external cyber security experts and have been following best-in-practice advice and is doing everything possible to get systems back online in a safe and secure manner.

If you have any questions or concerns, please contact us on 1300 300 922 or email clientsupport@mybudget.com.au

More information about phishing scams and protecting your identity

icon

How to spot phishing scams

Phishing scams are attempts to trick you into giving out personal information, such as your bank account numbers, passwords and credit card details.

Know More

icon

How to reboot your privacy

Protecting your personal information online is increasingly important as even more of our day-to-day activity takes place in the digital environment.

Know More

icon

Games, apps and other media

Learn about the latest games, apps and social media, including how to protect your information and report inappropriate content.

Know More

icon

What is a data breach?

A data breach happens when personal information is accessed, disclosed without authorisation or is lost. Here’s what you need to know.

Know More

icon

COVID-19 cyber advice

The Australian Cyber Security Centre (ACSC) has observed an increase in COVID-19 themed malicious cyber activity.

Know More

icon

Working from home

COVID-19 has resulted in many people working from home for the first time. Working from home has specific cyber security risks.

Know More