What To Do After A Data Breach – Downeast Credit Union
Loader

What To Do After A Data Breach

Posted on September 23, 2024 | Fraud Defense

A data breach is an incident in which sensitive, confidential, or otherwise protected data has been accessed in an unauthorized fashion. Data breaches can reveal personal information, such as Social Security or credit card numbers, financial institution details, passwords, and other personally identifiable information. With that information, fraudsters can steal your identity. They can apply for credit or medical benefits in your name, or even file for your tax return. While a data breach doesn’t mean there’s a certainty someone will commit fraud in your name, it does increase the chance and puts you in a vulnerable position. If you do become a victim of a data breach, here are some steps you can take to lower the threat and keep your personal finances, credit score, and identity safe from criminals.

Find out what was breached.

The first step in responding to a data breach is figuring out exactly what of yours was stolen or exposed. Maine, along with every other state in the U.S., requires affected companies to inform people if their information was accessed as a result of a data breach. Companies must tell you what happened and how it may impact you, but data breach notices aren’t always easy to understand. The notice can be vague or confusing. However, fully understanding what information of yours was exposed can help you be more strategic with your damage control. If you have questions or want clarification, contact the company that sent you the notice after searching for their official contact information. This can help you get the answers you’re seeking. Additionally, by searching for their official contact information, you can avoid falling victim to potential phishing attempts. Some cyberattackers will pose as the affected company and reach out to those affected by the breach in order to phish for more data.

Change your passwords.

If your password was compromised in a data breach, you should change it immediately. If you use that same password elsewhere, you should change it there as well. It’s a good idea to regularly change your password and create unique, strong passwords for all of your online accounts. If you reuse a password, data breaches can give fraudsters access to all the sites you use that password on. For example, if your password is “WickedG00dLobstah1” on both Amazon and Netflix, and Netflix.com experiences a data breach, the fraudster may take your username and password and plug it in to other sites. This is called “credential stuffing.” If they eventually try your credentials on Amazon, you’ll now have two compromised accounts instead of one. Change your passwords after any breaches and use different passwords for all of your online accounts. To further secure your accounts against fraudsters, enable two-factor authentication.

Contact the major credit bureaus.

If your personal information was stolen during a data breach, you can contact the three major credit bureaus (Experian, TransUnion, and Equifax) to initiate fraud alerts and freeze your credit. By adding a fraud alert to your credit report, it will warn lenders that you may be a victim of fraud. This is an extra precaution and will let potential lenders know they should contact you before opening any new lines of credit in your name. You can also freeze your credit for free at each of the major credit bureaus. Freezing your credit prevents any new credit accounts from being opened in your name. Even if identity thieves have accessed all of your personal information in a data breach, they can’t open new accounts in your name if your credit is frozen. However, when your credit is frozen, even you can’t apply for credit. If you need a new loan or credit card, you’ll need to unfreeze your credit––which you can do anytime at no cost.

Fill out an identity theft report.

You can visit https://www.identitytheft.gov/ to help you navigate the situation in the event of a data breach. The website provides education and can help you understand your options on a recovery plan. If you become a victim, the earlier you fill out the identity theft report, the better. When you receive your completed report, you can send it to each of the credit bureaus to request the removal of any unauthorized activity.

Stay alert.

One of the most important things you can do after a data breach is to remain alert and attentive. Monitor all of your accounts closely. Check your credit union account through online or mobile banking, and check your credit report. Federal law allows you to get a free credit report from each of the three main credit bureaus once every twelve months. If you see anything unusual, contact your credit union, the credit bureau, and fill out an identity theft report. By staying alert, you can catch any unusual activity before a fraudster can do too much damage.