Lost or Stolen Device Response for Sydney Families: What to Do in the First 24 Hours After a Phone, Laptop, or Tablet Goes Missing

Your teenager left their phone on the train. Your mum’s iPad was taken from a café in Chatswood. Your partner’s work laptop didn’t come back from a weekend away. The device is gone — and with it, the signed-in sessions to email, banking, MyGov, Apple or Google, social media, photo libraries, and whatever your kids had logged into. The window to act is short, the order of operations matters, and the household is panicking. Lost or Stolen Device Response from Cyber by Exegesis is the engagement designed to take that first 24 hours off your hands and get every account in the household back under your control.

The problem

A lost or stolen device is not just a hardware loss — it is a potential data breach affecting everyone in the household whose accounts touched that device. The ACSC’s guidance for individuals and families is clear that personal account security depends on quickly rotating credentials and revoking active sessions, but most Australian families have never practiced this and don’t know the correct order: remote-wipe first, or change passwords first? Revoke sessions before or after? What about the SIM? What about the children’s accounts that were signed in on a shared iPad?

Get the sequence wrong and you can lock yourself out of recovery. Wipe too early and you lose forensic information for the police report. Rotate passwords on a device the attacker still controls and they watch you do it. Cross-generational households make it harder again — aging parents may not remember which accounts were signed in, and children’s accounts often share recovery contacts with a parent’s email.

What Lost or Stolen Device Response does

Cyber by Exegesis runs a fixed-scope triage engagement for Sydney families:

• A guided remote-wipe sequence across Apple Find My, Google Find My Device, or Microsoft equivalents — done in the right order so account recovery is not broken.
• An account-recovery sequencing plan: which accounts to secure first (primary email, then financial, then identity, then social), and how to rotate passwords and revoke active sessions from a known-clean device.
• SIM and carrier coordination — reporting the SIM lost, requesting a port-lock, and watching for SIM-swap follow-on attacks.
• Support drafting the police report (NSW Police event number) and the insurance claim, with the device IMEI, serial, and timestamps documented.
• An OAIC Notifiable Data Breaches scheme assessment if the device contained data belonging to a small business, sole trader, or organisation in the family’s care — including whether the incident is likely an eligible data breach requiring notification.
• A short written summary of what was rotated, what was revoked, and what to watch for over the next 30 days.

Cyber by Exegesis is the cyber consultancy line of Exegesis — the same company behind the DRMO live product. This engagement is reactive triage, not ongoing IT support; we get the household stabilised and hand back a clear picture of where you stand.

How it works

1. You contact us through the waitlist intake when the device goes missing. We schedule a call within the engagement window and ask for a list of accounts likely signed in on the device.
2. We walk you through the remote-wipe decision — wipe now, or mark-as-lost first to preserve location data for police. The choice depends on what was on the device.
3. We sequence the password rotations and session revocations from a known-clean device, starting with the primary email account that controls recovery for everything else.
4. We coordinate the carrier call (SIM lock, port-lock), help you lodge the NSW Police report, and prepare the insurance documentation.
5. We assess whether the incident meets the OAIC NDB threshold for any small business or organisational data on the device, and provide the written summary and 30-day watch-list.

Why this matters in Sydney

Sydney’s transport network, density, and café culture mean device loss and opportunistic theft are routine — phones on the train between Central and Parramatta, laptops at Surry Hills cafés, iPads in shared family cars. ACCC Scamwatch data shows that lost-device incidents are frequently followed within days by targeted phishing and SIM-swap attempts against the same household, because attackers move quickly once they have a handset with notifications visible on the lock screen. A Sydney family that runs the correct response sequence in the first 24 hours closes that follow-on window before the attacker can use it.

Sources

• ACSC guidance for individuals and families: https://www.cyber.gov.au/protect-yourself
• OAIC Notifiable Data Breaches scheme: https://www.oaic.gov.au/privacy/notifiable-data-breaches
• ACCC Scamwatch (National Anti-Scam Centre): https://www.scamwatch.gov.au/
• eSafety Commissioner (for children’s account and image-based concerns following device loss): https://www.esafety.gov.au/
• Cyber by Exegesis — Lost or Stolen Device Response (waitlist)

Join the waitlist

Join the waitlist — first access when Cyber by Exegesis opens Lost or Stolen Device Response for Sydney families

We are sequencing engagements by household composition and device ecosystem (Apple-first households, then Google, then mixed). Join the waitlist with a short description of your household — we will tell you when we are ready to take a brief, and how to reach us if a device goes missing in the meantime.