Have you ever received the data breach notification email? Here’s what that’s like … You open your inbox and notice a subject line that reads “We’re sorry” or “Security Alert: Data Breach Notice,” and naturally, you’re drawn to open it right away. Inside is an apology from the company that suffered a data breach and then — the worst part.
“Here’s the list of your personal data that’s been affected by the recent breach.”
That’s how you’ll find out that your data got leaked. Emails, passwords, physical addresses, credit card info … All of that could be lost in a simple data breach if the company you’ve signed up with fails to ensure proper security. So, what do you do next? Here’s a list of steps you should take after you find out that there’s been a security breach on a website you’ve used before.
Confirm That Your Personal Information Was Exposed
It's important to react quickly when you get an email like this. However, before you click on any links or files in the email you received, confirm that the email came from the actual company in question. Why? Because hackers usually want to be a few steps ahead, so they send out fake phishing emails to people like you, posing as the breached company to dig out even more sensitive info.
Instead of falling for these tricks, first head over to the company’s website or give them a call to confirm that a breach took place and ask whether your information was affected.
Find Out What Got Exposed
Once you confirm that your personal info was affected by the breach, the next step is to find out exactly what type of data got exposed. This will allow you to act accordingly and prevent any further damage. The sooner you react to this, the lower are the chances that hackers will have time to further exploit your data.
For instance, if you find out that your credit card info was stolen, you should immediately cancel and replace the card. The same thing goes with passwords don’t get us started on why you should be using the same password on multiple occasions).
Seek Help From the Breached Company
In many cases, the breached company will offer to help their customers assess and repair the damage caused by the security issue. Although in some cases, companies won’t be able to do anything about it, if you’re lucky, they may offer to solve the issue.
For instance, credit reporting agencies that have suffered security breaches previously often offer credit file monitoring and identity theft protection as a way of helping their customers in this situation. Ask the company if there’s anything they could do and, if they’re offering help directly, go for it.
Change Your Login Credentials
Act fast to change your online login information, even before you hear back from the company on what type of data was exposed during the breach.
Make sure to change your passwords, and security questions and answers for all the accounts you may think are associated with the breach. If you’ve ever used similar or identical passwords on other accounts, make sure to change those as well.
Contact the Right People
Now that you’ve got the passwords out of the way, contact financial institutions or other organizations that may help you prevent further damage. If your credit card info was stolen, contact the bank to cancel the card and prevent financial theft.
The same thing applies to the rest of the stolen documentation – contact the authorities for more info and guidance.
Stay Alert
Once you’ve changed all your passwords and contacted organizations that can help prevent further damage, all you can do is sit back and watch for red flags or suspicious activity within your accounts. In some cases, hackers don’t act right away
but choose to wait for months, if not even years, to take action using the stolen info. This makes it less obvious as to where the threat is coming from. All you can do is remain alert and practice better cybersecurity from now on.
How to Prevent Future Leaks
Although there’s little you can do to impact the cybersecurity of organizations and websites you join, you can practice safety measures to protect your personal data as much as possible.
One of those measures includes using a VPN service to hide your identity and data while surfing the web. You should also set up a trustworthy antivirus to make sure no harmful malware gets installed on your device.
Most importantly, stay alert of potential threats and avoid opening suspicious links that could lead to data theft. If you don’t know where an email is coming from, it’s better to ignore it than to find out by clicking on its attachments. Remember, a VPN service and an antivirus are a must-have!
