Cyberattacks on the rise: What to do before and after a cyberattack or data breach

December 17, 2021

New year, new cyber threats.

You might have resolved to increase your cyber safety in 2020, but you also understand that many threats to cyber safety are often beyond your control.

Even so, like a lot of Americans, you probably want to take steps to help protect what’s yours — like your devices, identity, online privacy, family and home. That’s why it’s smart to help protect your internet-connected devices and guard your sensitive personal information.

You can’t prevent a cyberattack or a data breach — either one could involve your personal information, and both could affect your well-being. But you can do things to minimize those threats and react to bad news.

Here’s what you need to know about navigating potential cyberattacks and data breaches.
This article describes steps you can take to help protect yourself against cyberthreats in 2020 and beyond.

How are cyberattacks and data breaches different?

A cyberattack occurs when cybercriminals try to gain illegal access to electronic data stored on a computer or a network. The intent might be to inflict reputational damage or harm to a business or person, or theft of valuable data. Cyberattacks can target individuals, groups, organizations, or governments.

A data breach is a type of security incident. It occurs when information is accessed without authorization. The information accessed could include personal information such as Social Security numbers, passwords, and financial account numbers. The breached information is sometimes sold or traded on the dark web and can be used to commit crimes like identity theft.

A cyberattack often happens first. A data breach might follow. Both incidents can have an impact on you. The damage could range from lost data on your laptop to blocked access to certain government services.

Who are cyberattackers? They can include anyone from individual snoops or cybercriminal operations to government-sponsored groups.

What should I do to help protect myself before a cyberattack or data breach?

It’s smart to develop strong cyber safety habits to help prepare for a cyberattack or data breach. Large-scale attacks and breaches might occur at major organizations, but it’s also important to secure your personal information and networks.

Here are three steps you can take.

1. Protect your files and devices

Keep your software up to date. Keeping your security software, web browser, and operating system updated to the latest version. Updates patch security holes that cybercriminals could exploit to access your personal information or infect your devices with malicious software.

Secure your files. You can choose one or more ways to back up your important documents. Your choices include external hard drives, flash drives, backup services, and in the cloud.

Encrypt your devices. You probably have sensitive personal information on your devices, including laptops, tablets, and smartphones. Consider encrypting those files. Encryption scrambles readable text, so only someone who has the decryption key can access and read it.

Use multifactor identification. Multifactor identification (also called two-factor authentication) can help prevent cybercriminals from accessing your accounts. Take the extra security step to enable multifactor authentication on any account that requires login credentials. Often, a security code will be sent to your smartphone to complete the log-in process.

2. Protect your wireless network

Secure your router. Some routers come with a default password, and cybercriminals might already know what it is — meaning your network would be at risk. Change the password on your router to something a cybercriminal would be unlikely to guess.

Use strong encryption. There are different types of encryption. Make sure your router offers WPA2 or WPA3 encryption. Both are strong forms of security. Encryption protects information sent over your network so it can’t be read by outsiders.

3. Practice smart cyber security habits

Use strong passwords. Make your passwords strong and unique. A strong password contains at least 12 characters, including letters, numbers, and special symbols. Avoid using the same password on more than one account.

Use a VPN. A virtual private network — better known as a VPN — can help protect against online threats. A VPN gives you online privacy and anonymity by creating a private network from a public internet connection.

Stay current. It’s a good idea to keep up with cyberthreats, in part, because they continue to evolve. Staying current on news and developments is one way to help prepare to react to new cyberthreats.

What should I do before and after a cyberattack or data breach

Even if you have a heightened awareness of possible cyberattacks and data breaches, it’s hard to know exactly how they might affect you until they happen. Each cyberattack or data breach event is different, and different types of data may be exposed or vulnerable depending on what type of attack occurs. How you react and recover will depend on the individual circumstances.

You can apply these six steps to different types of data breaches and cyberattacks. Cybercriminals might target different organizations, including government offices, health care facilities, financial institutions, colleges and schools.

1. Confirm the breach and find out whether your information was compromised.

It’s important to take action quickly. Contact the breached organization and pay attention to any statements from the breached organization to find out if your data is part of the information involved in the security incident.

2. Find out what type of data was stolen or affected.

The type data of data impacted could guide your next steps. For instance, you might consider monitoring your accounts for unauthorized activity, changing your password, or placing a credit freeze on your accounts.

3. Accept the breached organization’s offers to help.

Breached organizations often offer help. They may offer credit monitoring or identity theft protection services, for instance. Consider whether the services are right for you.

4. Change and strengthen your login credentials and passwords.

To help protect your accounts, change your passwords and make sure they’re strong and complex. Be sure to strengthen your login credentials, passwords, and security questions-and-answers.

5. Contact the right people and take additional action.

It’s a good idea to reach out to the breached organization to seek help with your recovery. You might contact other organizations, too. For instance, you can obtain free credit reports from AnnualCreditReport.com to watch for any suspicious or unfamiliar credit activity. Or you might consider placing a fraud alert or credit freeze on your accounts with the three major credit bureaus.

6. Stay alert. Monitor your accounts.

The steps you should take after a cyberattack or data breach often depend on the category of the targeted organization and the type of damage done or information revealed. Also, be alert for phishing attempts from cyberthieves who may contact you by phone or email, claiming to be from the breached company, trying to trick you into providing personal information.

How likely are cyberattacks and data breaches

It’s impossible to say how, when, or how often cyberattacks and data breaches are likely to occur. A heightened awareness that they can happen at any time can help you to prepare and to recover.