So your data was exposed in a breach. What should you do now?
It may seem like the damage is already done by the time you receive one of these notices, but there are actually important steps you can take at this point — both to minimize the damage from the breach that already happened and to help prevent your personal information from getting out there once again. The reality is, “if attackers have your email address and password for one site or app, they may have the keys to much of your life, especially if you’re using the same password for all of your accounts,” said PC Mag.
This could lead to more serious issues, like identity theft or the publicization of private accounts. Follow these tips to stay safe and avoid some more serious consequences.
1. Check all of your accounts — and keep checking them
Especially after being the victim of a data breach, it is essential that you check in on your accounts and make sure nothing looks fishy. But this is good practice to be doing on a regular basis either way. “There are so many ways for hackers and identity thieves to circumvent security measures that you need to regularly check your financial accounts, going line by line and questioning every single charge or debit — no matter how small,” said The Washington Post. Also take a moment to check in on your credit report.
2. Consider a freeze
Another step to consider taking, especially if a breach has already happened, is to place a credit freeze, which makes it so the “credit bureau can’t release any information in your file without your permission,” said the Post. This effectively prevents would-be thieves from opening any new accounts in your name. A freeze is a bit of a pain — you will need to individually make the request at each of the three major credit bureaus, Experian, Equifax and TransUnion — but it is totally free to do, and can offer a reassuring level of protection.
3. Step up your password strength
“Weak passwords are often the bulk of data breach records,” said PC Mag, so once it happens, it is vital to take steps to strengthen yours — especially if you are a repeat user. Some general rules of thumb when choosing new passwords? “Aim for at least 10 to 12 characters” and “avoid common names, places and dictionary words,” opting instead for a “long sentence-like string using a random mixture of uppercase and lowercase letters along with numbers and symbols,” said Ally, an online bank. If you are worried about keeping track, a password manager can make it easy.
4. Think twice before you share
Before signing up for an online account, “consider whether you really need to provide all the requested information: a free gaming account might not need your full name,” said Norton, a cybersafety company. The less you share, the less chances you have of your data getting exposed. This goes for social media as well.
Even once you have been victimized, there are steps you can take to minimize the damage
