Whether your shopping online, sending and receiving emails, or just browsing, your data is out there. If you've ever received an email that's informed you that your information has been compromised and wondered what to do, then you're not alone. Companies all over seem to want to know everything about you nowadays, and, unfortunately, they aren't always able to keep the information you give them safe.
Over the passed few years, major companies including LinkedIn, Target, Home Depot, and even the health insurance giant, Anthem, have reported data breaches. Not only have these companies and others like them experienced a data breach resulting in the loss of customer data, like Social Security numbers, insurance information, bank data, passwords and the like, but, often, these breaches go unreported for months. If you've received an email informing you that your data has been found in a recent data breach, then we suggest following some of these recommendations.
Know What Was Stolen
First thing you'll need to determine is exactly what was stolen. Typically, you are made aware of a data breach that is informing you of stolen information via an email from that company. Companies operating in the US are required by law to inform their customers within a timely manner of potential data compromises that effect their users. Search through any email that was sent to you regarding the data breach to get a good understanding of what information may have been stolen.
According to tech site Tom's Guide, data sensitive information falls under three major categories:
Least Sensitive: Names and street addresses. This type of data is not harmful when it is printed in a phone book. Today, a name typed into a search engine can provide data useful to online marketers and even neighbors, but it's not enough to pose any real danger.
More Sensitive: Email addresses, date of birth, and credit or debit card account numbers pose a larger threat if compromised. Stolen email addresses can result in more spam and phishing scams. Stolen card information can result in fraudulent charges to your account, although the card holder is normally protected from liability.
Most Sensitive: Social Security numbers, passwords for online accounts, passport data, or financial account numbers are considered the most sensitive data that can be stolen and requires immediate attention. The common factor in all of these types of data is that they can be used to create accounts in your name, which can effect your credit and may be difficult to undo if too much time passes.
Change Affected Account Passwords
If it is an online account that has been compromised, then you should change the password for the account as soon as possible. If this is a password that you use for multiple accounts, then it's important that you update the password for all of the online accounts that used that password. Do not reuse that password for a second account. This is a way of limiting the damage next time there's a data breach.
Enable two-factor authentication for any accounts that allow it. Two-factor authentication links your online account with a second form of active authentication, typically associating your account with a phone number or email address. With two-factor authentication enabled, you will receive a code sent to you via text or email, which you'll need to enter in order to log in.
Using a password manager, like LastPass, is also helpful in securing your accounts. If you hate having to remember a lot of complex passwords, then a tool like LastPass can help keep all of your passwords in one area to reference. All you'll need to remember is one master password in order to login to all of your online accounts.
Contact Your Bank or Credit Card Provider
If a credit card or bank information is compromised, contact the bank or organization that issued that card as soon as possible. Most financial institutions have a toll-free number that you can call 24-hours a day to report either lost or stolen data. Speak with a live agent, and inform them that your account may have been compromised and is at risk for fraud. They will be able to help you protect your data, issue a new card and cancel your old compromised one.
Inform Credit-Reporting Bureaus
If your financial information is compromised in a major data breach, after reporting it to your bank(s), it is essential to contact the credit-reporting bureaus (i.e. TransUnion, Equifax and Experian) and ask each of them to place a fraud alert on your name. That way, if anyone tries to steal your financial identity, you'll be informed. Credit alerts are free in the U.S. and can be renewed every 90 days. Once an alert is requested, the customer will get a free credit report as well.
There is also an option to put a credit freeze on your name with the bureaus. This will prevent people from running a credit report on you or attempting to open an account in your name without your authorization. When you are ready to lift the freeze, you would contact each bureau directly. This is also available for your dependents, known as a "minor freeze" as their have been reports of minors having their SSN numbers hacked before they have even had a chance to begin building credit. Call the respective bureaus and find out what you need to do to "freeze" their identities and protect them early.
Credit and Identity-Monitoring Services
There are many companies that offer credit monitoring services now that are both free and paid for. For anywhere between $15 - $30 dollars monthly, full-fledged identity-protection services will monitor your accounts with credit bureaus and, often, watch for identity theft or stolen financial information, however, nothing is guaranteed. Be aware that even the data protection services are susceptible to data breaches as well.
Follow the recommendations above in the event of a data-breach, and always be proactive when it comes to securing your data. At the end of the day, keeping your data secure is your responsibility, and it's up to you to use the tools available to keep your most valuable data safe.
