Victim of a Data Breach? Here’s How to Respond

A man and woman sit at a conference table near windows as they discuss ways to protect businesses from data breaches.

From Equifax to Capital One to Door Dash, data breaches and stolen information seem to be more than a trend; they’re now a constant. For many consumers, the question isn’t if—but when—you’ll discover that you’ve been the victim of a breach. Each of the incidents mentioned impacted millions of customers. One study from the global security firm Positive Technologies reports that breaches and cyberattacks impacted billions of people in 2018 alone.

Fortunately, finding that your personal or financial information was compromised doesn’t have to mean catastrophe. In many cases, your data may have been exposed, but a third party may not have used it. And if bad actors did steal your data, you can take action to limit the impact and prevent further issues down the road.

Here’s how to respond if you’ve received notice of a data breach:

1. Determine What Data is Affected

First, make sure that you understand the type of data in question—and how your personal information was specifically affected. If you’ve received an email noting that an account was breached, reach out to the company directly (believe it or not, fake emails about breaches are just another way cybercriminals access your information). Then find out what information was compromised. Was it credit card data? Account usernames and passwords? Social security numbers? Knowing the type of data exposed will help inform how you react. For instance, a stolen social security number can lead to fraudulent accounts opened in your name, tax returns filed on your behalf, and worse. Hijacked username and passwords may mean that updating your account security is enough.

2. Secure Your Accounts and Devices

The smartest thing you can do after learning about a breach is to secure the account in question. You'll also want to increase the security of the rest of your online accounts in the process. Follow these steps to do so:

  • Change your passwords, usernames, and security questions so that any old ones are immediately unusable.
  • Take advantage of two-factor authentication to increase your safety further. You can require a text code to be sent to your phone before you log in to specific accounts or even explore physical keys for your computer or smartphone.
  • Update your operating software on your computers and phones to the latest version. The updates often include security patches and added features that provide added privacy protection.

3. Monitor—and Potentially Freeze—Your Financial Accounts

Proactively monitor your credit, bank, and other financial accounts to ensure that you catch any abnormal activity early. Pay close attention to any new expenses and consider calling your financial institutions to ask what additional fraud protection measures you can employ. This may include canceling existing cards and opening up new ones, especially if the breach impacted a retail card.

Also, connect with the company that experienced the breach and make use of any free monitoring or remediation that they may offer. Several companies provide free credit monitoring to affected customers. If hackers obtained your social security or other data that they could use to make purchases or open up accounts in your name, consider issuing a credit freeze. You can do so via the three credit reporting agencies. A freeze allows you to restrict access to your credit history, making it difficult for someone else to open an account in your name.

4. Stay Vigilant

Data breaches aren’t going away. For consumers, that means a new reality of maintaining a higher level of security when it comes to financial data and personal accounts. Enacting the above measures after a breach is undoubtedly wise. What’s smarter—staying on top of tasks such as changing passwords, monitoring account activity and credit reports, and taking advantage of device and account security updates regularly. This is an area where a little effort can go a long way toward making it harder for criminals to access your information or cause much trouble if they do.

Data breaches may be a part of our new digital life—but you can take measures to limit their destruction. Follow these steps if you're a victim of a breach, and you'll protect your financial data and identity in the aftermath and well into the future.

The views expressed by the author are not necessarily those of Fifth Third Bank, National Association, and are solely the opinions of the author. This article is for informational purposes only. It does not constitute the rendering of legal, accounting, or other professional services by Fifth Third Bank or any of their subsidiaries or affiliates, and are provided without any warranty whatsoever.