InMyArea.com earns commissions from some of the providers we list on our site. Learn more  

InMyArea.com Logo
888-894-5573

What to Do When Your Personal Information Has Been Exposed in a Data Breach

Updated:
A man sits in a dark room on the phone, and his computer says his email account has been hacked in this image from Shutterstock

You shouldn’t lose your cool if you’ve been hacked. (Image: Shutterstock)

Data breaches are happening more often these days and can affect anyone. If your personal information is in the wrong hands, it could lead to big problems, like identity theft or losing money. Knowing what to do right away can help you protect yourself. Here’s a straightforward guide on how to handle a data breach.

Get Information: What Was Exposed, and How?

A data breach means that your private information, like your name, address, or credit card number, might have been shared without your permission. Knowing exactly what info was leaked helps you figure out how serious the breach is and what you should do next.

Hackers will target all kinds of personal information when they breach your data. What damage they’re capable of varies depending on what information they find. If they crack your email, you may see an influx of spam and fake login attempts for accounts that use your email address. Stealing your phone number can result in SIM-jacking (stealing and rerouting all incoming calls and texts). The most damaging of all is if they obtain your Social Security number. With that, they can cause scams, loan and tax fraud, and identity theft.

You should confirm any message you get about the breach is real by calling the company directly. Don’t click on any links in emails that look suspicious. Be wary of calls or emails that seem designed to get you to panic.

If you were notified of the breach by a company or app you use, reread that email or contact them for more information. You may also want to invest in a personal monitoring service, such as LifeLock. These services will check major leaks and let you know what has been exposed.

Change Your Passwords

This is the first and most crucial step. If a website you frequently log in to has been breached, change your password on that site immediately. Any other accounts with the same or similar passwords should also have their passwords changed. (In the future, try not to reuse the same or similar passwords!)

Use the information you learned by looking into the breach to determine which passwords you should change first. It doesn't hurt to change passwords for all of your important accounts, even if you’re not sure they’ve been compromised.

Set Up Two-Factor Authentication

Two-factor authentication is an additional layer of security to help protect your data. Has a website ever asked you for the name of your first pet or second-grade teacher? Your answer is a form of two-factor authentication. If you forget your password, the site will pull up the security question for you to answer. A hacker might be able to figure out your password, but it’s harder for them to know what make and model your first car was. If you’re especially concerned, you can always lie. Hackers might find out your mother’s maiden name, but it will do them no good if you use a made-up name!

Another, stronger form of two-factor authentication is an external app. These are third-party apps that generate random codes every minute or so. If you attach one to your account, you need to input the current code to verify your identity. Ideally, you’re the only person with access to the authenticator app, so this prevents others from accessing your accounts and stealing your information. These apps are almost always free. Google Authenticator is one popular and reputable example.

Though it may feel like a bit of a chore, two-factor authentication (“2FA,” for short) will keep bad actors from getting into your account with the password alone. Passwords can be cracked or guessed, so be smart. Use 2FA whenever you can.

If Necessary, Cancel Credit Cards and Freeze Accounts

A credit card hooked on top of a laptop’s keyboard in this image from Shutterstock
The countermeasures you take will depend on what information was breached. (Image: Shutterstock)

If you believe a breach has compromised your financial accounts, there’s no need to panic. Contact your bank and credit card company immediately. Request new cards, cancel old ones, and look into your options for freezing accounts, just in case.

Many financial institutions offer fraud protection services and will not hold you responsible for unauthorized purchases. Nevertheless, it’s very important to act fast and lock down any exposed accounts.

Visit IdentityTheft.gov

A personal data breach is the quickest way to incur a case of identity theft. If you’re concerned that your identity is stolen, visit IdentityTheft.gov. It’s an official government website run by the Federal Trade Commission. It will ask you to input the information relevant to your situation. From there, it’ll help you formulate a plan to reclaim your identity.

The website will also help you fill out any essential forms or letters you may need. Even if you aren’t sure your data is in danger, the site will still help you build a personal plan and offer advice. The U.S. government takes identity theft extremely seriously — use this to your advantage.

You may also want to file a report with your local police department. The report will help dispute any fraudulently obtained loans or credit cards when debt collectors come calling. If you’re concerned that the police won’t be unable to help because the hacker lives outside of your city or state, you can contact the police department in the city where the theft occurred. No matter what, you’ll want to have the police report on hand. If the police push back, stay persistent (but polite) in getting the report from them.

Sign Up For Credit Monitoring

If your financial details were involved, think about using a credit monitoring service. These services alert you if there’s any unusual activity in your credit history.

Many such services also include personal information monitoring, which will alert you when your personal information has been posted online.

Install a VPN

NordVPN branding magnified in this image from Shutterstock
A VPN can keep your data safe, even if there’s a breach. (Image: Shutterstock)

You know how when you connect to a new internet connection, your device will ask if it’s a private or public connection? Statistically, private networks are safer than public networks. That’s not to say you can’t get hacked over a private network or that you shouldn’t process personal information over a shared connection. It’s overall safer to perform private matters like banking or online shopping at home or over a connection you trust.

With a virtual private network (VPN), you’ll have the safety of your home Wi-Fi network anywhere. Turning it on blocks online trackers and encrypts your data. There’s also the option of changing your computer’s location. You may be sitting in your home in Missouri but have your location set to Dublin, Ireland. Of course, almost all VPNs require a monthly fee. However, it may be worth the extra expense when it comes to your sensitive data.