Data Breach

Six Steps to Take Immediately After Learning of a Data Breach

We read about them almost daily, major data breaches of personal information, medical records and insurance information. So far in 2019, Dow Jones, Rush University Medical Center and the Health Alliance Plan have experienced major data breaches that include personal medical information, identity records, social security numbers and more. Just these three breaches alone potentially expose the personal information of over 2.5 million people.

According to IdentityForce, one in three victims of a major data breach will go on to become a victim of online crime. So, what steps can you take to lessen the pain of being caught up in a major breach? Read on for six steps to take immediately after learning of a data breach.

  1. Check for Potential Impact(s) – Major organizations whose data has been breached nearly always set up a website or online presence for their customers/members/clients to check to determine if they are affected. Many states require that individuals be contacted by mail if they are a part of a major breach. Even if you don’t receive a letter, if you learn that one of your institutions has been breached, start checking for impact right away.
  2. Take Advantage of Free Credit Monitoring – Make sure to enroll as soon as possible. Credit monitoring doesn’t prevent identity theft but does provide alerts for any other later impacts, should they occur.
  3. Change your Passwords and Logins right away – Since you won’t know exactly what was stolen, you really need to do this on every account that might be tied to the breach. Consider adding two-factor authentication while you are in this process.
  4. Check your Credit Reports – We are all entitled to a free credit report annually from the three major credit bureaus, Equifax, Experian, and TransUnion. Make sure to request all of them each year.
  5. Think about Freezing Your Credit – Again the Big 3 credit bureaus come into play. A credit freeze means NO creditors will be able to check your information, including mortgage lenders, credit card companies and auto dealerships. You can unfreeze your credit info at any time, so it’s worth the relatively minor inconvenience. You will have to do this with each of the credit bureaus. If you don’t want to freeze your credit, at the least set up Fraud Alerts with all three. They’re free, last for 90 days and give you a heads up of any other suspicious activity.
  6. Finally, Be Aware of Phishing Attacks – Since some of your information may be in the hands of online criminals, be very wary of unsolicited emails and offers. As the old adage goes, think before you click!

If you believe a data breach has exposed your personal information, please visit us at for next steps & recovery.

Nearly all of us have been or will be part of a major data breach. It is a part of our digital world and the steps above are some of the ways we begin to restore our identities and regain our voice. Know that you have this resource, the Cybercrime Support Network, to add our voice and those of other cyber safety sources in your recovery journey.

Until next time,