ASIC wouldn’t know if the breach unless it was reported to them (their excuse is that they are under resources). But even if you do report it to them, I suspect nothing much will happen.