You saw the news alert. You got an email, either from Firefox Monitor or a company where you have an account. There’s been a security incident — a data breach. And your account has been compromised.
Getting notified that you’ve been a victim of a data breach can be alarming. You have valid cause for concern, but there are a few steps you can take immediately to protect your account and limit the damage.
Read the details about the breach
Read closely to learn what happened. What personal data of yours was included? Your next steps will depend on what information you need to protect. When did the breach happen? You may receive the notice months or even years after the data breach occurred. Sometimes it takes awhile for companies to discover a breach. Sometimes breaches are not immediately made public.
If you haven’t yet, change your password
Lock down your account with a new password. If you can’t log in, contact the website to ask how you can recover or shut down the account. See an account you don’t recognize? The site may have changed names or someone may have created an account for you.
If you’ve used that password for other accounts, change those too
Hackers may try to reuse your exposed password to get into other accounts. Create a different password for each website, especially for your financial accounts, email account, and other websites where you save personal information.
Many breaches expose emails and passwords, but some do include sensitive financial information. If your bank account or credit card numbers were included in a breach, alert your bank to possible fraud. Monitor statements for charges you don’t recognize.
Review your credit reports to catch identity theft
If you have credit history in the United States, check your credit reports for suspicious activity. Ensure that no new accounts, loans or credit cards have been opened in your name. By law, you’re permitted to one free report from the three major credit reporting bureaus every year. Request them through annualcreditreport.com. And don’t worry, checking your own credit report never affects your score. You can also consider a credit freeze, which blocks many entities, such as creditors, from seeing your report. Locking down your credit report behind a freeze makes it more difficult for bad actors to open credit in your name.
At the end of the day, there is little any of us can personally do to stop data breaches. The longer you’ve lived online, the bigger your digital footprint, and with that comes greater security risks. However, there is plenty we can do to protect ourselves in anticipation of one, such as creating strong, unique passwords from the start.
Also published on Medium.