Data Breaches – Steps You Should Take After Your Personal Data Was Compromised Online

RiskBasedSecurity.com revealed that in 2020 over 15.1 billion records were exposed due to data breaches.

Suppose your credit company, a retailer you’ve provided with your data, or another source that has your sensitive information notified you that your personal data had been compromised. In that case, it’s the moment to act. Taking action immediately after the breach can make the difference between allowing cybercriminals to wreak havoc on your financial life or stopping them.

This article unveils recommendations on what steps you should take after your personal data was compromised online.

Find out what personal data was compromised

It’s scary and overwhelming to find out that your sensitive personal details have been compromised. But you shouldn’t let panic control your reaction and stop you from taking the needed measures. The first thing you need to do is find out what data has been compromised. Depending on the type of information exposed to cybercriminals, you may need to address the issue immediately.

In 2019, the Capital One data breach exposed people’s bank account numbers, credit card data, and Social Security numbers. If a cybercriminal gets your Social Security number, you should act urgently because they can open new lines of credit that can impact your credit history in the long run. If this happens, immediately contact your bank, credit card provider, and other credit bureaus to inform them of the breach. However, suppose the data breach only compromised details like your email or phone number. In that case, you don’t need to address it urgently because the impact isn’t as severe as with the previous scenario.

Change your passwords

It’s crucial to change your passwords, online login information immediately, and security questions and answers for all accounts (not only the breached ones), especially if they have similar passwords to limit the reach of the cybercriminals’ arms. After they get your sensitive personal information, it doesn’t take them long to figure out your bank account and email passwords. Diversify the passcodes to prevent hackers from accessing all your accounts at once because they can easily do it if you use passwords easy to guess, like your pet or child’s name or your birth date. Use a password manager to help you remember your new passwords. Ensure it encrypts your information so that only you can access it.

In addition to changing your passwords, you can also sign up for two-factor authentication for the accounts that allow it. This measure adds an extra layer of security to your account logins because it requires you to enter an additional level of identification to access your accounts.

Make sure you receive transaction alerts from your bank

Sign up for transaction alerts for your credit card and bank account to prevent any fraudulent activity triggered by the data breach. They send you notifications by text messages or email when there’s a charge to your accounts when you do so. Setting up the notifications for the lowest transaction amount is recommended because some cybercriminals test the accounts by withdrawing small amounts before making large ones. They may also make multiple small transactions to prevent you from identifying them. Notify your card issuer or bank the moment you see charges you don’t recognise.

Check for updates from the company

When an organisation is the victim of a data breach, it posts ongoing updates and disclosures about who has been affected and to what extent. For example, after Facebook was the target of a data breach in 2019, it revealed that the records of over 530 million users were exposed, including their Facebook IDs, account names, and phone numbers.

Organisations like Equifax offered a series of advisories to educate customers who were the targets of their data breach and teach them to protect themselves.

File a data breach compensation claim

The General Data Protection Regulation and Data Protection Act include provisions that enable data breach victims to file compensation claims. They state that you can seek compensation for damage, be it mental health or financial related. So even if the hackers cause no financial harm, you can still claim compensation for your psychological suffering. Assessing the full extent of the data breach is tricky because it takes months and even years to determine what impact the operation had on your finances. It will help if you work with a data breach solicitor because they have experience handling this kind of case and can cover all bases to offer you peace of mind. It’s best to discuss the issue with a trained legal adviser to check your specific situation and make recommendations.

Initiate a fraud alert

Alongside the above steps, you should consider adding another layer of protection, like placing a fraud alert on your credit reports. You can ask the credit issuer to place a fraud alert on your account if your personal data was compromised or if your social security card, wallet or other forms of personal identification has been lost. The fraud alert requires financial institutions and organisations to verify your identity before issuing a new credit line. The good part is that it’s active for a year, so it provides long term protection. If you find it necessary, you can renew it to ensure that the hackers won’t use your personal data to cause any financial damage.

Bottom line

In the context of being the victim of a data breach, it’s important to remember to be alert. Also, only because one of the organisations with your personal data experienced a data breach doesn’t mean you’re also a victim. Therefore you should check with it to find out what information was exposed. However, if sensitive data like social security numbers are stolen, you should act in the first 48 hours because you can become a victim on the road.

Check the comment section for additional information, or share what you know or ask a question about this article, by clicking the 'View or Write Comment' button below.

Note: Some of the information in samples on this website may have been impersonated or spoofed.