With the dozens of data breaches that have occurred over the past few years, there is barely a single American who wasn’t affected. If your information was stolen, leaked, or used for identity theft in a data breach, here is what to do about it.
If you haven’t heard about a data breach on the news, that’s okay. After a company experiences a breach, it is supposed to notify customers in writing. The first step is to evaluate what information of yours was stolen.
Some of the most sensitive pieces of information would be your credit card data, PINS, bank account numbers, your social security number, mother’s maiden name, and your date of birth. Some other critical pieces of information you would not want to be stolen by crooks are logins to financial institutions or other important accounts.
Some less emergent information that could fall into the wrong hands would be your name, address, and phone number. That information is already out there in public records. Your email address is pretty exposed as well. However, it can be used by criminals to wage phishing attacks and used in credential stuffing incidents.
When you receive a letter from the company explaining what was stolen, they may say that your passwords or other information were hashed or encrypted. Do not take that to mean that your information is safe. Hackers are very good at uncovering data even when it is secured.
The next most crucial step is to change all your passwords. Since you can’t be sure what the hackers got their hands on, you should be overcautious and change your passwords for everything. Be sure never to reuse the same password on multiple accounts.
Contact your credit card company or financial institution if any financial information was breached. Let them know so they can issue you new cards and change your PINs or other security codes.
Turn on two-factor or multi-factor authentication for all your financial and other online accounts. This extra layer of security will give you peace of mind knowing no one can get into your account without a text message code from you.
Contact the three big credit reporting agencies (Experian, TransUnion, and Equifax) and let them know your information was breached. You may also choose to put a credit freeze on your account so no one can open new accounts in your name. Get a copy of your credit report with each agency once a year (you are entitled to a free copy every 12 months) and look it over carefully, checking for any suspicious accounts or things you do not recognize.
If you experience any fraud or identity theft because of the data breach, contact the FTC and report it immediately.
There are some great options for credit and identity theft monitoring services that you can choose from. Once you sign up and provide your personal information, the company can monitor your exposure and alert you if any of your details show up online where they should not be. These services give you peace of mind, so you don’t have to worry as much.
Because data breaches are so common, the choice to sign up for credit and identity monitoring is an easy one. The cost is so inexpensive for all the protection that you get with a plan. Some plans even combine credit and identity theft monitoring with neighborhood watch information, lost wallet restoration, and even help after identity theft.
Keep a close eye on your bank and credit card statements each month, checking for any charges that you did not authorize.
After a data breach, you may feel discouraged and frustrated. The more you can do to secure your online life, the better off you will be and feel. Some other tips to stay safe after a data breach are:
Keep a close eye out for phishing emails, scams, and strange phone calls.
If the data breach exposed your name, email address, and phone number, you could become a target for fraud and scams.
Never click a link or download attachments from an email.
Keep antivirus/anti-malware software on your devices and run frequent scans.
Review all your online accounts and remove any extraneous personal information in case of further breaches.
Never give out personal information to anyone you don’t know.
Do not share logins even with friends and family. You never know if their devices are infected with spyware and malware, which could then lead to further issues for you if they use your logins.