You’ve probably received at least one notification in life that reads “your data has been compromised in a breach.” As much as we protect ourselves — and yes, we still need to – sometimes, our personal data gets hacked. The most commonly breached type of data is customers’ personal identifiable information (PII) such as addresses, numbers, names, birth dates, SSNs and more.
So now what do you do when you receive a notification from your health care provider or favorite retail store admitting, “Our bad, we got breached.” Follow these steps to stop the bleeding.
1. Make sure the breach is legit.
One ploy that hackers use to get our data is to impersonate popular companies and send out fake notifications (emails and letters) about an alleged breach. Whenever you get a notification like this, go to the company’s website or call the company directly to verify that the company was hacked and what data may have been compromised. Try to get as much information as possible from the company about the breach – When did it happen? Was your data impacted? What support is the company offering its customers to mitigate the breach? For example, some companies offer yearlong free credit monitoring or identity fraud prevention.
2. Determine what data was stolen.
You’ll need to know what was compromised so you can take the necessary steps to monitor or update that information. Credit cards can be easily replaced; Social Security numbers, not so much.
3. Turn on MFA and change your password.
You’ll want to update to a new, strong password for the breached account and any account with the same login credentials. If you see an option to log out all devices currently logged in to your account, definitely do that. Also, make sure you have multifactor authentication (MFA) turned on in your account or settings so that even a hacker with your login can’t access your account without your biometric data or a separate code (like those sent to a separate email address or texted to a phone number).
4. Monitor your accounts.
You should keep a close eye on any accounts linked to the breach, even if you’ve changed the password. Watch out for any account updates or password changes you didn’t authorize. If your credit card number was stolen, pay attention to your bank and financial accounts and look for unusual activity, such as unexpected purchases.
5. Report it.
If you’re not sure a company knows it’s been breached or you’ve experienced fraud due to a breach, report it to relevant authorities like local law enforcement or the Federal Trade Commission. They can provide guidance and next steps on how to protect your identity.
6. Be aware of phishing attempts.
After data leaks, hackers often use the information they stole to spam you with phishing emails or calls trying to trick you into giving away even more sensitive information. Be very wary of any emails you weren’t expecting, especially those that request personal or financial information, and do not click on any links or attachments!
7. Consider identity theft and data breach protection.
Consider identity theft protection after a breach, especially when highly sensitive data is stolen. It can help to monitor your credit or other accounts, protect your identity and notify you when your data appears on the dark web.
Need further help?
Fortifi Cyber Security can help your organization protect itself against cyber threats with world-class, highly-affordable security services. Our sibling company, Atlantic Technology Services, a Managed Services Provider (MSP) can take the worry out of IT management for your company. Call Fortifi today at 888-500-9111 or sign up for a free vulnerability test.