Discovering that your password may have been compromised can be a disconcerting experience, potentially resulting in significant financial and emotional distress.

When unauthorised access is gained to someone's bank account, they may be able to drain funds, make unauthorised transactions, or even steal personal information for further exploitation. The financial repercussions can be devastating, causing individuals to lose their hard-earned savings, struggle with debt, and face difficulties in meeting their financial obligations, especially in an already challenging climate of high inflation and cost of living.

Additionally, the emotional toll of such a breach can be overwhelming, as victims may experience feelings of violation, vulnerability, and a loss of trust in financial institutions. Resolving the aftermath of a compromise requires time-consuming and often complex processes.

That's why it's crucial to act swiftly and decisively if you suspect that your password has been compromised.

Contact your bank

If you notice any irregularities with your Australian Mutual Bank account, immediately report them to our member service team on 13 61 91 who will guide you through the necessary steps and take additional security measures required to safeguard your account.

Change your passwords

The next crucial step is to log in to your banking account immediately and change your password. Creating a strong password that adheres to best practices is vital.

A survey conducted by YouGov and Telstra has revealed that almost half (46%) of Australians admit to using ‘easy-to-guess’ passwords.

Be sure to create a strong, unique password that includes a combination of uppercase and lowercase letters, numbers, and special characters. Avoid using easily guessable information such as your name, birthdate or pet’s name.

If you've used the compromised password across multiple accounts, change the password for those accounts as well.

The same survey also revealed that 78% of Australians are using the same password across multiple accounts - a habit that is not encouraged, as all it takes is one breach for multiple accounts to be compromised. So it is good practice to use unique passwords for each account.

Check your accounts for unauthorised activity

Once you've updated the password for the affected account, it's important to review your account activity for any suspicious transactions or unauthorised access. This will help you determine if the person who accessed your account has done anything that requires a response from you.

The steps to check your account activity will depend on the nature of the account. The account activity you should check may include:

  • Your transaction history and statements
  • Any linked payment methods such as Debit/Credit Cards, bank accounts or Digital Wallets
  • Private messages in your name
  • Purchases you didn’t authorise
  • Automatic transactions that have been set up without your authorisation
  • Changes to your financial or banking details
  • Monitor your Mobile Banking App registrations, if you notice any suspicious device registrations, you can deregister them within the app.

If you have lost money, immediately report this to our fraud team. Do not accept offers from third parties to help you get it back – this is a common tactic used by scammers to steal more money from you.

Monitor your credit report

While your online accounts may be the primary concern, it's also important to monitor your credit report for any unexpected changes or unauthorised activity.

Request a copy of your credit report to check if it includes any unauthorised loans or applications. Credit reporting bodies may hold different information about you, so you may need to request a copy of your credit report from various credit reporting bodies.

If you suspect fraud, you can request a ban on your credit report. It is recommended that you make the request to all three credit reporting bodies in case they maintain a consumer credit report on you.

You may also want to consider signing up for a credit monitoring service which allows you to keep up with changes on your credit report.

This proactive approach can help detect and prevent identity theft.

Enhancing security with Two-Factor Authentication

In addition to the immediate actions mentioned above, it is highly recommended to enable two-factor authentication (2FA) for all your accounts. 2FA adds an extra layer of security by requiring a secondary verification step, such as a unique code sent to your mobile device or a biometric scan (e.g. fingerprint or facial recognition). By implementing this additional safeguard, you significantly reduce the risk of unauthorised access even if your password is compromised.

Scan devices using antivirus software

Run a reputable antivirus or anti-malware software scan on your device. Malware could be responsible for stealing your password, so it's crucial to ensure your device is clean. It’s also worth doing your own search for programs that have been recently installed. After all, with nearly a billion malware programs out there*, even the best antivirus software can miss things.

Additional help

If you find yourself distressed, reach out to trusted individuals such as family and friends, you may also want to contact your doctor or support services who can provide guidance and reassurance while you take necessary steps to secure your account. Remember, you don't have to face it alone.

In the meantime, if you have any concerns or questions regarding password security or suspect that your accounts have been compromised, please don't hesitate to get in contact with our team. We are here to assist you every step of the way.

* According to


03 July 2023