Here's What To Do After a Data Breach

Highlights:

• Prevention is your best tool: Use strong passwords and multi-factor authentication.
• If your data is leaked in a breach, be proactive and change your passwords.
• Monitor your credit reports and take action if you see unexpected activity or new accounts.

What is a data breach?

A data breach is a security incident which enables unauthorized parties to get access to confidential information. This could be anything from a burglar stealing physical files to a cyberattacker downloading a customer database.

When a company you're a customer of suffers a data breach, it's important to take the situation seriously and act quickly to protect your identity. Data breaches can expose your personal information, such as: your name, address, Social Security number and financial details, to cybercriminals who may use it for fraudulent activities.

How to Secure Your Identity After a Data Breach

The first thing you should do is take advantage of any services the breached company offers to help protect you. In some cases, they may offer free credit monitoring services. If this is available, sign up for it immediately. Credit monitoring services can track changes to your credit reports and alert you to any suspicious activity and key changes to your credit reports, like new accounts being opened in your name.

Placing a security freeze is an important step you can take to restrict access to your Equifax^® credit report, with certain exceptions. This will restrict access on who can still access your Equifax credit report to open new accounts. A security freeze helps to prevent lenders from accessing your credit report, which can stop identity thieves from opening new accounts in your name. Security freezes must be placed on your credit reports separately at each nationwide credit reporting agency (NCRA)—Equifax, Experian^® and TransUnion^®. Placing, lifting and removing a security freeze is free.

You should also consider placing a fraud alert on your credit report. A fraud alert is a notice added to your credit reports that encourages lenders and creditors to take extra steps to verify your identity before issuing credit. You only need to contact one of the three NCRAs to place a fraud alert. Then the NCRA will forward your fraud alert request to the other two.

Steps to Take After a Data Breach

If you see a data breach reported in the news, don't panic:

• Contact the company whose records have been breached if you're a customer, to determine if your data was exposed.
• Change your password and follow best practices, such as never reusing passwords and including personal information in the password.
• If the account or application supports it, use two-factor authentication.
• If you think your personal information has been used elsewhere, notify your financial institutions and the three nationwide consumer credit reporting agencies—Equifax, Experian and TransUnion.

Protecting Your Private Information From Hackers

It's always better to be safe than sorry. Here are some things you can do to keep your accounts secure:

• Use strong passwords for all of your accounts that are long, complex and have a variety of different characters.
• Do not reuse passwords on multiple websites.
• Never open an attachment or click on a link in an email you weren't expecting.
• Do not share your personal information over instant messaging services.
• Update the apps on your phone regularly.
• Update your computer/laptop and anti-virus software regularly.

Understanding Recent Data Breaches

Businesses are often obligated to notify customers if their data has been exposed due to a breach. However, they may not be able to reach you if you've changed your email address or phone number, so it's a good idea to stay up to date yourself:

• Some password managers may notify you if one of your passwords has appeared in a data breach. Change your password immediately if this happens.
• Use the "Notify Me" service on HaveIBeenPwned.com to be alerted about new breached accounts matching your email address.
• If you find out about a breach, immediately follow the steps above.

The Importance of Taking Action

Even though financial institutions have several safeguards in place to protect customers from identity theft, skilled attackers can sometimes breach them. When identity thieves succeed, the consequences can be severe and long-lasting. For example, if someone takes out loans in your name, this could negatively affect your credit reports and credit scores.

Contact any one of these three nationwide credit reporting companies Equifax, Experian, or Transunion to place fraud alerts and security freezes on your credit reports. If you've been a victim of identity theft, you can request the credit reporting agencies to remove fraudulent information and debts from your credit reports.

If you freeze your credit before anything happens, you can save yourself time and stress. A security freeze makes it much more difficult for thieves to open new accounts in your name, as lenders won't be able to access your credit report without your permission. This simple step can act as a strong line of defense against potential identity theft. You can place and manage a security freeze on your Equifax credit report online by creating or signing into your myEquifax™ account.

By taking these proactive steps, you can better protect yourself from identity theft and the headaches that come with it.