So, what should you do after a corporate data breach that involved your personal information? For instance, this is exactly what happened 5 years ago when Equifax, one of the biggest credit bureaus in the world, discovered that a data leak exposed 147 million consumers’ names, addresses, dates of birth, Social Security numbers, and credit card numbers.
The good news is there’s a lot you can do to protect yourself after these kinds of events. As recommended straight from the credit bureaus themselves, here are five steps to protect yourself after a data breach:
If your personal information was exposed in a data breach, the breached company is required by law to notify you. When you get their letter in the mail, take their recommendations seriously. Keep in mind that breaches can take a while to detect, and by the time you receive a company’s notice in the mail, your information might have already been available to criminals for quite a while. So be extra vigilant when receiving bills, statements, IRS notices, or unusual mail.
Starting with your accounts that were a part of the breach, update your passwords and PINs that you use to login to your bank account and credit cards. If you can, activate two-factor authentication. This requires you to get a confirmation code via a text message or email to prove it’s really you before you can login. That makes it much harder for thieves to access your accounts.
A fraud alert lets lenders know that you might be a victim of fraud or identity theft and that they need to make really sure that anyone applying for credit in your name is really you.
You can add a fraud alert by contacting just one of the three credit bureaus (Experian, TransUnion, or Equifax) and your alert is automatically added at the other bureaus. The alert will stay on your credit report for one year. You can renew it when it expires.
Set up any available alerts with your bank and financial custodians to let you know of activity on your accounts. Check your credit report and look for accounts or activity you don’t recognize or addresses you aren’t familiar with. The company that was breached should also offer you a year of free credit monitoring, so take advantage of that.
It’s a little more inconvenient than a fraud alert but really effective. You can put a freeze on your credit for free, which limits access to your credit report. You can freeze your Experian credit report here, Equifax here, and TransUnion here.
By freezing your credit at all three bureaus, scammers can’t apply for credit in your name because your credit report can’t be pulled. But if you need to apply for credit or a loan, you’ll need to unfreeze your credit first. To do that, login to each bureau’s website and unfreeze your credit in the same place you froze your credit.
And remember, while corporate data leaks are out of your control, you can do a lot to protect yourself from the everyday identity theft attempts:
For all the convenience of handling so much of our lives online, the downside is having our information potentially stolen in any number of ways. While you might not be able to avoid being part of a company’s data breach, knowing how to protect yourself can help mitigate or completely prevent the damage. It goes to show just how important it is to safeguard your information as much as possible on the internet.