Identity Theft Protection

6 Steps to Take Right After a Data Breach

January 13, 2022

Are we monitoring all the information we can?

Get the most out of your subscription by adding your credit card numbers, insurance carrier information and any additional email addresses to your account.

When an organization that retains your personal information suffers a data breach, you need to know what steps to take—and quickly. The steps will vary, depending on the severity of the breach and the sensitivity of the information exposed. But first, you need to consider your specific situation and ask the following questions:

  • What type of data breach occurred?
  • Was my information exposed in the breach?
  • Has my Social Security number and other sensitive personally identifiable information (PII) been stolen, or is the exposed data more limited?
  • Are the cybercriminals doing anything with my PII yet, such as using it to commit identity fraud?

To help you in the event of a data breach, we’ve put together this handy 6-step checklist. 

Your Data Breach Response Checklist

1. Find out what type of data was stolen.

Why does the type of information exposed matter? While stolen credit cards and the like can be easily cancelled and replaced, it's difficult to obtain a new Social Security number. And cybercriminals can do a lot more with your SSN and other unique, sensitive PII than they can accomplish with an email or credit card account.

2. Change and strengthen your online logins, passwords and security Q&A.

It's important to immediately change your online login information, passwords, security questions-and-answers for the breached account(s)—along with your other accounts if they have similar login information—to contain the damage. This step is especially important if your email account has been compromised. Take time to ensure that you have strong and unique passwords across all your online sign-ins, using a password management tool like Norton Password Manager. 

3. Contact the right people and take additional action.

This is where the type of data stolen really comes into play. If your credit and/or debit card information was stolen, you should reach out immediately to your bank to cancel your card and request a new one. However, if personal information like your Social Security number was exposed, it may be easier for you to become a victim of identity theft. The FTC recommends considering a credit freeze for your accounts with the three major credit report agencies so it’s more difficult for someone to open a new account in your name.

4. Ensure your information is up-to-date with Norton.

Your information should be your own, from your Social Security number and credit card numbers to your email. So, if we find the personal information you provide to us, for sale on the Dark Web, we will alert you.

5. Always remain vigilant and monitor your accounts closely.

It's important to watch for signs of new activity in the wake of a breach. Check your accounts regularly for suspicious activity. In cases where a Social Security number is compromised, cybercrimninals have been known to wait years before using it, and when you least expect it, so always remain vigilant.

6. File your taxes early.

If your Social Security number has been exposed or you just want to take precautionary measures, you may be able to beat cybercriminals to the IRS by filing your taxes early, making it less likely they will be able to obtain a tax return in your name.

For more details, visit the FTC's identity theft website.

Are we monitoring all the information we can?

Get the most out of your membership by adding your credit card numbers, insurance carrier information, and any additional email addresses to your account. We’ll monitor them for any activity and alert you if we see something suspicious.†

Don’t have one of our newest Norton 360 plans yet? Click here to upgrade.

LifeLock does not monitor all transactions at all businesses.

Editorial note: Our articles provide educational information for you. NortonLifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.

Copyright © 2022 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.