Data breaches expose millions of records yearly, resulting in loss of money, proprietary information, and privacy. Even some of the largest companies with strong security get attacked. Keep reading to learn what to do after a data breach. Then, help fortify your online defenses with an identity theft protection service like LifeLock Standard.
Get LifeLock Standard
The sudden realization that a cybercriminal has access to private details about your life is unsettling, to say the least. But the good news is that it’s not the end of the world — you still have options to protect yourself against data breach identity theft, and there are ways to recover your identity if you were already attacked.
You'll still need to run some damage control, whether they get a hold of your Social Security number (SSN), bank account logins, employment information, location coordinates, or anything else. In this article, we’ll tell you how to recover from a data leak in nine easy-to-follow steps.
1. Confirm if your information was exposed in a data breach
The first step is to confirm that a breach actually occurred. You won’t always receive a data breach notification when your personal data gets stolen. And even if you do, that doesn’t always mean it’s true. For all you know, it could be a phishing scam someone is using to convince you to voluntarily give up sensitive information.
However, if you see a company you’ve bought from in the news for a cyber breach, a notification from your data breach protection software, or oddities in your finances or online accounts, check with official channels to see if your account was involved.
- What to do: Safely determine whether or not you were a part of the data breach by going to the company's website to look for an account update or by contacting their customer service directly.
2. Freeze your credit
Credit freezes can restrict access to your credit report after a data breach so that new creditors (anyone considering you for a loan, apartment, credit card, etc.) shouldn’t be able to see your credit history until the threat of fraud diminishes.
By freezing your credit, you can prevent unauthorized users from opening up accounts or making purchases in your name. That’s because lenders, property managers, real estate agents, and anyone selling big-ticket items need to see your credit history before they can approve a contract or purchase.
- What to do: Contact the three major credit bureaus — Equifax®, Experian®, and TransUnion® — online or by phone, and officially request a credit freeze.
3. Determine what information was stolen
You might be wondering why it matters what information was stolen. After all, stolen personal data is bad no matter how you slice it. But, some types of stolen data are worse than others.
For example, stolen credit cards can easily be canceled and replaced, and stolen funds can quickly be disputed. But getting a new Social Security number can be extremely difficult if yours is stolen. Not only that, but the con artist who has your SSN can cause long-lasting problems by committing crimes or opening new accounts in your name.
- What to do: Contact the company that experienced the data breach and review their breach disclosure statements. You should be able to find out what information was stolen, whether it’s financial details, personal identifiers, login credentials, or something else.
4. Change your passwords
It's important to immediately change your online login information, passwords, and security question answers after a data breach. And don’t just stop at the affected account. Otherwise, cybercriminals could access other accounts and, subsequently, information about your finances and personal life.
At a minimum, update any account that uses the same login credentials as the compromised account to enhance password security.
- What to do: Change to a new, strong and unique password immediately. Also, if you have the option, force every connected device to log out of your account when you update it, to kick unauthorized users off.
5. Enable two-factor authentication
Two-factor authentication (2FA) is a security measure that asks users to prove their identity twice before granting access. This process typically requires you to enter a password and either a code (which gets sent to a secure device) or biometric data (such as a fingerprint or face scan).
In a perfect world, you’d have this set up before the data breach. Of course, hindsight is 20/20, and even after a data leak, 2FA can help protect your accounts and identity. It does this by keeping cybercriminals out of your account — even if they have the right password.
- What to do: Log into the affected account, navigate to the security and privacy settings, and look for the option to set up two-factor or multifactor authentication. If it’s an option, the site will guide you through linking your account to the secondary authentication method.
6. Get help from the company affected by the data breach
If the breached company offers to help repair the damage and protect you for a certain amount of time, take them up on it.
In most cases, a lack of security safeguards or personnel training cause security breaches in companies — and they will help resolve the issue. Beyond that, they likely have procedures to help customers recover their accounts, money, and anything else that is stolen in an attack.
- What to do: Seek support from the company that lost your information by using their dedicated response teams to learn more about new security measures and receive help to recover from the breach or identity theft faster.
7. Report the attack
You should report the data breach and resulting identity theft to the appropriate parties. If you aren’t sure whether the breached company is aware of the problem, contact them if you haven’t already. Doing this right away can help limit the damaging effects of the leak.
Other than the impacted business, you should also notify your bank and credit card companies as a preventative measure. If the breach resulted in losing money or sensitive personal information, like your Social Security number, you could more easily fall prey to identity theft or fraud.
- What to do: If you’re a victim of identity theft, you should freeze your credit with the credit bureaus and report it online to the Federal Trade Commission (or call them at 1-877-438-4338).
8. Monitor your accounts closely
It's important to stay alert and watch for signs of new activity in your accounts and credit reports after a data breach. In most cases, you’ll notice the warning signs of an account takeover or identity theft when you see settings or password changes, unexpected purchases, or unauthorized account updates.
You should also obtain your free credit reports from AnnualCreditReport.com to look for activity you don’t recognize.
- What to do: Monitor your credit reports to detect identity theft attempts early. You can use a credit monitoring service like LifeLock Standard that helps you monitor key changes to your credit file at a leading credit bureau and alerts you if strange account behavior is detected.
9. Invest in identity theft and data breach protection
Identity theft and data breach protection software is a useful investment, especially after a data leak. The combination of features offers an extra layer of defense helping you proactively monitor your credit, protect your identity, and keep your financial health in shape.
- What to do: Invest in a service like LifeLock Standard that can help you protect your personal information, notify you when cybercriminals sell your data on the dark web, and monitor your credit activity with a major bureau.
Secure your online identity
Today, cybercriminals seem to constantly invent new ways to steal and profit from personal data. That’s why it’s more important than ever to practice good digital hygiene and put protections in place for incidents that are out of your control. Sign up for LifeLock Standard to help protect you against identity fraud and manage things should you fall victim.
Get LifeLock Standard
FAQs about recovering compromised information and protecting your identity
Still have questions about the impact of data breaches? Here’s what you need to know.
How do I know if my personal information was compromised?
It depends. Most people discover that somebody stole their information after unusual account activity, unexpected transactions, or a breach notification. If a company is aware that somebody stole your data through their website, product, or application, they will generally publish a statement and send out a notification to users.
Some other warning signs of a data breach and identity theft include:
- New account sign-ups
- Old accounts being closed unexpectedly
- Account lockouts
- Suspicious transactions on your bank statements
- Sudden drops in your credit score
- An uptick in subscriptions and junk mail
- Unexpected notifications
- Unsolicited password reset notifications
What companies have experienced data breaches?
Unfortunately, data breaches are more common than you might think. Here are a few examples of data breaches involving well-known companies:
- (2024)
- Microsoft (2019)
- Chipotle (2017)
- Equifax (2017)
- Uber (2016)
- Target (2013)
How can your friends be affected if your information is stolen?
Cybercriminals can use stolen personal data to defraud your friends and network through phishing and other social engineering attempts. Those tactics can be more successful than general scams because people who know you are more likely to trust you and willingly share private information or click a link.
Editorial note: Our articles provide educational information for you. LifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.
