When it happens, you feel powerless. Getting an email or letter from a business about a data breach can be profoundly upsetting.
Such notifications usually mean that unauthorized people have accessed sensitive information. This information may include your name, address, email, phone number, financial details, or even your social security number.
The Breach Notification
When you first open the email or letter, you might see that it has a formal tone. This tone shows the seriousness of the situation. The communication usually starts by acknowledging the incident. It gives a short summary of what happened. For example, the business may say they found a security breach in their systems. This breach lets hackers enter their database and access customer information.
The message will likely include details about the breach. It will explain when it happened and how it was found. It will also specify which specific data hackers compromised. This information is crucial for you to understand the potential risks associated with the breach. The business may explain the steps they are taking to investigate the incident. They will also share how they plan to prevent future problems. This can help reassure you that they are taking the issue seriously. The message will explain the breach and tell you what to do next.
This may include suggestions to watch your financial accounts for any strange activity. You should also change your passwords and sign up for identity theft protection services. The business may also provide resources like a special hotline or website. You can use these to find more information and help.
Furthermore, the letter or email may include information about your rights in relation to the breach. Depending on where you live, the business may have to inform you about legal requirements. They might also explain what you should do if you think someone has stolen or misused your identity. Getting this kind of notification can be scary. However, it is important to stay calm. Take the right steps to protect yourself.[/vc_column_text][/vc_column][/vc_row]
Need Some Expert Help? Schedule Your Next Cybersecurity Assessment Audit Today.
Don’t let cybersecurity questions haunt your business. We can help you find and fix potential issues.
The 8 Steps to Take After A Data Breach Notification
By staying informed and taking action, you can reduce the impact of the data breach on your personal and financial health. It happens all too often today. Data breaches happen at banks, online sites like Facebook, and e-commerce stores. Moreover, governments also face challenges. This leaves personal details such as your address, Social Security Number, and credit card information vulnerable to theft.
You have little control over a business getting hacked. But you can take important steps afterward. We’ve outlined the most important things to do below. These steps can help you mitigate the financial losses.
Change Your Passwords
The first crucial thing you should do is change your password. Change the password for the service that sent you the breach notification first. Then, change it for any logins using the same password.
This is one of the reasons it’s a best practice to use unique logins for every site. Many people get in the habit of using the same password in several places. This leaves more than a single breached login at risk. Use a password manager to help you create strong passwords. You only need to remember one to access all the others.
Delayed breach detection (over 200 days) is correlated with a 25% increase in financial losses
Enable Multifactor Authentication (MFA)
Multifactor authentication can keep accounts secure, even if a hacker stole the password. Enable 2FA or MFA for the breached service. Then, ensure you have MFA activated for all other logins, where possible. People also call MFA two-factor authentication or two-step verification.
Common forms of MFA are:
- Text message
- Authentication app
- Security key
Using multi-factor authentication (MFA) can prevent 99% of common account compromise methods
Check Your Bank Accounts
If payment card details were breached, check bank accounts. You’ll want to watch these for several weeks for fraudulent charges. Report the breach to your bank to have them issue you a new card if needed.
Notify your bank about the 3rd party data breach. This can help keep you from facing responsibility for fraudulent charges. Getting out ahead of it is good. Your bank can then help you with appropriate steps to avoid fraud.
Freeze Your Credit
Online criminals will often sell breached personal details. These details can enable someone to take out credit in your name.
Contact the three credit agencies. They each have ways to freeze your credit to protect you. You can do this right on their websites.
The three credit agencies are:
- Equifax
- Experion
- TransUnion
A breach notice is a threat—What is your action plan?
Carefully Review the Breach Notification
Understanding exactly how the data breach may impact you is important. Review the notice you received. Additionally, look for updates on the company website.
These are the things you should be looking for:
- The type of data exposed (passwords, card numbers, etc.)
- What reparations the company is making (e.g., credit monitoring)
- Any instructions given to secure your account
Regularly check the company’s website. Often, they don’t immediately know how far-reaching the breach is. You may check back later to find out if other types of sensitive data have been exposed.
Get Good Cybersecurity Protection
Make sure you protect your device and network. Some simple tools exist that you can use to beef up personal device security. These include:
- A good antivirus/anti-malware program
- DNS filtering to block malicious sites
- Email spam filtering for phishing
Another good protection you can use is a VPN. This helps mask your traffic. It is especially helpful if you’re using public Wi-Fi. VPNs are easy to use. You can use VPNs for both computers and mobile devices.
Be On the Lookout for Phishing Scams
Data breaches often expose emails. This means you may receive an uptick in phishing emails. Phishing is incredibly convincing since criminals have AI at their disposal. Phishing emails often are hard to spot from the real thing.
Stay ultra-aware of any unexpected emails. Follow best practices to avoid becoming a phishing victim:
- Hover over links to see them
- Go to websites directly. Don’t click email or SMS links
- Beware of unknown senders
- Watch for phishing on social media and text messages
- When in doubt, double-check through an official source
Make Sure to Update Software & Systems
Hackers often exploit unpatched vulnerabilities. How do you get unpatched vulnerabilities? Most times it’s from failing to keep software updated.
Make sure to update your device’s operating system. Update all apps or software on your devices. Update firmware for routers and printers. Update firmware for smart devices.
There are so many updates we need to do with our electronics. You can stay protected by automating your updates.
Managed Security Services You Can Count On
Managed services can keep you protected at work and at home. Need help improving device security? We’ll be happy to discuss our options.
Contact us today to schedule a chat about device security.