Hey everyone,
So, I woke up this morning to an unsettling email from myGov informing me that someone had managed to log into my account. 🚨 At the same time, I received a text message with a login code from myGov. 😱
I’m currently sorting through the aftermath and trying to figure out how they could have potentially bypassed the 2FA text message. 🤔 I’ve already confirmed that my phone hasn’t been hacked and reached out to Telstra previously to safeguard against any sim card swaps due to fraud. 📵
If anyone has any insights or suggestions on this matter, I’d greatly appreciate it! Also, I’m in the process of contacting ATO, centrelink, medicare, my bank, IDcare, and getting a credit ban in place just to be safe. 🔒
Just as an update, it seems like the breach may not have actually bypassed the 2FA. Logs on myGov don’t indicate this, but just that they had the correct password. Phew! 😅
Any tips or advice on how to handle this situation would be super helpful for me and anyone else who may find themselves in a similar position. Let’s protect each other from these cyber threats! 💪
Thanks!
You have likely followed a scam link at some stage.
Probably more of a hacking sub question but…
1. The sim has been cloned
2. Your phone has malware that allows remote access
3. Human engineering e.g. identity theft either through you or the government support services
Edit
Or it’s a phishing email that directs you to a fake site to steal your details
Or it’s just someone probing for email addresses to find which accounts are real
Or credential stuffing…
I got the same email but I suspect they didn’t get all the way in as the 2fa stopped them (I hope)
Log in to your mygov (not using any links emailed to you). Go to myaccount in the top left, then go to account settings then account history. It will show you a list of actions taken on your account.
It will show you when you logged in, when you received MFA and when you entered a code.
It’s probable the MFA stopped them from logging all the way in.
The fact you got an SMS means they have your username and password at the very least. Change your password now.
myGov was hacked too. Didn’t get past 2FA. I logged in to remove my email as a login and use the username they provided. No attempts since. My Hotmail however has had brute force attempts every hour for many months now. I just realised that and now use an alias email instead, and have disabled login with my main email and only allow alias login. No attempts so far.
If they used your password, I am assuming that you re-use the same password + email combination elsewhere.
https://haveibeenpwned.com/
Check that website and see if your email has been breached. Whoever attempted it probably got your password from there.
Now it’s someoneelse’sGov
This happened to me but they didn’t get in due to 2FA. Same would be for you, text codes by got the password right.
Thank god for 2FA otherwise I’d be another person with a stray payment.
Their messaging wording could use some adjustment.
I thought mine had been hacked and stolen. Turns out they’re going through historical Centrelink accounts from the 2000’s and 90’s, data matching them to myGov, and then shutting down any accounts that match and aren’t linked to a CRN.
I didn’t even have a CRN it was so old it was a K and I had no record of it. I’ve fixed most of it up now but the ATO link is broken and I need to call the ATO to get them to reset it at their end.
> and I had called Telstra months ago to ensure my sim card doesn’t get swapped from fraud
What does that mean? What made you call Telstra about sim swapping? What fraud or hack were you previously a victim of?
I got the same thing yesterday, changed my password after unlocking it. Now I got the same thing again. Looking at the account history someone has been trying again since changing WTF
It appears this has been hacked based on what others have experienced, but the government hasn’t said anything WTF
Yes, have had a locked account for the past three days due to hacking attempt.
Fyi, there are many cases where a 2FA may be triggered with username and password, but still worth changing
I feel like we’re about to hear of another major company data breach.
Hey mate, check your ATO and Medicare payment details; my dad’s myGov bank details were changed as well.
I went to login today to finalise my tax return and it said my account was locked due to failed attempts. I had to enter security questions and reset my password. I never got any 2FA text messages so obviously they were trying passwords. I also don’t have my email as an option for login so they must be randomly trying account identifiers (eg ‘F*******’).
I got the same email yesterday, but did not get any 2FA SMS. Haven’t had the chance to log in and check yet, but will do very soon.
I got an email from mygov saying my account had been locked on July 3.
They started trying to access my account on 06:59:48am AEST on July 2, 9th/final attempt on July 3 07:03:56pm AEST – email received at 19:03:59, so that was pretty quick.
Logged in and changed my email address, from my Gmail account, the email address of which does show some pwned results, to my secret one I only use for important things (yay ProtonMail).
I now know that they lock the account for 10 minutes on the 5th attempt, 30 mins on the 6th attempt, 1 hour on the 7th and 8th attempts and then locked on the 9th requiring MFA to get in. I use myGov code generator.
No email until the 9th attempt though, which is a bit annoying.
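The escalating lockout reported in the comment above, modelled as an added example (not part of the original thread and not myGov's code), with an optional earlier alert threshold for comparison. `LockoutTracker`, `notify_from` and `replay` are hypothetical names; that rejected tries during a lock do not advance the count, and that a correct password resets it, are assumptions.

```python
from datetime import datetime, timedelta

# Lock duration by failed-attempt count, as reported in the comment above.
# None = hard lock that needs MFA-backed recovery.
LOCK_SCHEDULE = {5: timedelta(minutes=10), 6: timedelta(minutes=30),
                 7: timedelta(hours=1), 8: timedelta(hours=1), 9: None}

class LockoutTracker:
    def __init__(self, notify_from=9):
        # notify_from=9 mirrors the reported behaviour (email only on hard lock);
        # a lower value is a hypothetical earlier-warning setting.
        self.notify_from = notify_from
        self.failures = 0
        self.locked_until = None
        self.hard_locked = False
        self.emails = []          # (timestamp, failure count) of alerts sent

    def attempt(self, when, password_ok):
        if self.hard_locked:
            return "hard_locked"
        if self.locked_until and when < self.locked_until:
            return "temp_locked"  # assumption: rejected tries do not advance the count
        if password_ok:
            self.failures, self.locked_until = 0, None  # assumption: success resets
            return "mfa_challenge"
        self.failures += 1
        if self.failures >= self.notify_from:
            self.emails.append((when, self.failures))
        if self.failures in LOCK_SCHEDULE:
            duration = LOCK_SCHEDULE[self.failures]
            if duration is None:
                self.hard_locked = True
                return "hard_locked"
            self.locked_until = when + duration
        return "failed"

def replay(times, notify_from=9):
    """Feed constructed failed-login timestamps through the tracker."""
    tracker = LockoutTracker(notify_from)
    return [tracker.attempt(t, password_ok=False) for t in times], tracker

# Constructed sample (arbitrary date): 5 quick failures, one try inside the
# 10-minute lock, then one failure just after each lock expires.
T0 = datetime(2024, 1, 1, 0, 0, 0)
SAMPLE = [T0 + timedelta(minutes=m) for m in (0, 1, 2, 3, 4, 9, 15, 46, 107, 168)]

if __name__ == "__main__":
    outcomes, tracker = replay(SAMPLE)
    for t, o in zip(SAMPLE, outcomes):
        print(t.isoformat(), o)
    print("alerts:", tracker.emails)
```

With the reported settings the only alert arrives at the ninth failure, at least 160 minutes after the fifth; setting `notify_from=5` on the same sample sends the first alert at the fifth failure.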
As someone that works in IT, I cannot stress enough the importance of using a password manager. Ensure you use unique strong passwords for every single login credential. I have over a hundred accounts and I don’t know the passwords for any of them except to access my password manager.