7 Steps to Take Right After a Data Breach
Authored by a Symantec employee
When an organization that holds your personal information suffers a breach, you as a consumer need to know what steps to take—and quickly. The steps will vary, depending on the circumstances of the breach and the sensitivity of the stolen data. First, consider your specific situation:
- Confirm a breach occurred, affecting your information
- What type of data breach occurred?
- Was my information exposed in the breach?
- Has my Social Security number and other sensitive personally identifiable information (PII) been stolen, or is the exposed data more limited?
- Are the hackers doing anything with my PII yet, such as using it to commit identity fraud?
We’ve created a 7-step checklist to use in the case of a data breach. Depending on the severity of the breach and the information exposed, you’ll need to apply some or all of these steps to varying degree:
Your Data Breach Response Checklist
1. Confirm the breach and if your information was exposed.
The first step is to confirm that a breach actually occurred. When a data breach occurs, scammers may reach out to you posing as the breached company to try to obtain more of your personal information. Don't fall for fake emails. Go to the company's secure website and/or call the company to confirm the breach and whether your information was involved.
2. Find out what type of data was stolen.
Why does the type of information exposed matter? While stolen credit cards and the like can be canceled and replaced, it's quite difficult to obtain a new Social Security number. And fraudsters can do a lot more with your SSN and other unique, sensitive PII than they can accomplish with an email or credit card account.
3. Accept the breached company's offer(s) to help.
If the breached company offers to help repair the damage and protect you for a certain amount of time, unless there have been issues with their offer, take them up on it.
4. Change and strengthen your online logins, passwords and security Q&A.
It's important to immediately change your online login information, passwords, and security questions-and-answers for the breached account(s)—along with your other accounts if they have similar passwords and security Q&A—to limit the reach of the hackers' arms. This step was especially important for victims with stolen email accounts.
5. Contact the right people and take additional action.
This is where the type of data stolen really comes into play. If your credit and/or debit card information was stolen, you should reach out immediately to the financial institution(s) to cancel your card and request a new one. However, if personal information like your Social Security number was stolen, it may be easier for you to become a victim of identity theft. The FTC recommends:
- Taking advantage of free credit monitoring that may be offered by the company responsible for exposing your information
- Obtaining your free credit reports from AnnualCreditReport.com to look for activity you don't recognize
- Considering a credit freeze for your accounts with the three major credit report agencies so it’s more difficult for someone to open a new account in your name.
6. Stay alert; monitor your accounts closely.
It's important to watch for signs of new activity. In cases where Social Security numbers were stolen, the hackers and others who put their hands on the numbers may use them now or wait years when victims may be less suspecting. Follow the breach-related steps noted above when your Social Security number is exposed.
7. File your taxes early.
If your Social Security number has been stolen or you just want to take precautionary measures, you may be able to beat fraudsters to the IRS, making it less likely they'll commit tax-refund identity theft.
Bottom Line: Be Alert and at the Ready
In the wake of a data breach, remember that the breach alone doesn't mean you're immediately a victim. That could possibly come much later. The important thing is to stay alert and know what to look for. If you see any red flags, be ready to take action.
For more details, visit the FTC's identity theft website.
Editorial note: Our articles provide educational information for you. Norton LifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.
Norton by Symantec is now Norton LifeLock. LifeLock™ identity theft protection is not available in all countries.
Copyright © 2019 Symantec Corporation. All rights reserved. Symantec, the Symantec logo, the Checkmark logo, Norton, Norton by Symantec, LifeLock and the LockMan logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the United States and other countries. App Store is a service mark of Apple Inc. Microsoft and the Windows logo are trademarks of Microsoft Corporation in the United States and/or other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution Licence. Other names may be trademarks of their respective owners.