Skip to main content

Personal Data Security

How to Respond to a Personal Data Breach

October is National Cybersecurity Awareness Month. In the spirit of promoting greater awareness of how to protect your data (see Personal Data Defense article from September), below are some tips on what to do if you are hacked.

  • Confirm the Breach: verify whether your personally identifiable information (PII) has indeed been compromised; check for unusual account activity, notifications from financial institutions, or alerts from the compromised service or organization.
  • Change Passwords: if the breach involves an online account, change the password immediately; use a strong, unique password for each account, and enable multi-factor authentication (MFA) where available.
  • Contact Affected Institutions: if your financial accounts or credit cards are involved, contact your bank or credit card company to report the incident; they can help you monitor your accounts for unauthorized transactions.
  • Credit Freeze / Alerts: consider placing a credit freeze on your credit reports with the major credit bureaus (Equifax, Experian, and TransUnion); this restricts access to your credit report, making it more challenging for identity thieves to open new accounts in your name. Alternately, you can place a fraud alert on your credit reports, which requires creditors to take extra steps to verify your identity before granting credit.
  • Monitor Your Accounts: continuously monitor your bank, credit card, and other financial statements for unusual or unauthorized transactions. Review your credit reports regularly to check for fraudulent accounts or activity.
  • File a Police Report: if you believe your identity has been stolen, file a police report; this documentation may be required by banks, creditors, or other organizations to prove that you’re a victim of identity theft.
  • Report to Government Agencies: contact the Federal Trade Commission at gov to report the identity theft or data breech; they provide resources and guidance for victims.
  • Notify Creditors and Utility Companies: inform your creditors and utility companies about the situation; they can help you investigate and resolve fraudulent accounts or charges.
  • Update Online Accounts: review your online accounts, including email and social media, for any signs of unauthorized access; change passwords and enable MFA where possible.
  • Document Everything: keep a detailed record of all communications and actions taken regarding the breach; this documentation may be necessary for resolving any issues that arise later.

If you’ve managed to avoid being hacked, that’s certainly a good thing! But knowing what to do if your data security is breached can save you time, aggravation, and money.





How to Play Digital Defense and Protect Your Personal Information

US Consumers lost $8.8 billion to financial fraud last year, up 44% from 2021, according to a recent Bloomberg News article. And cybercrime costs worldwide are set to grow to $19.5 trillion by 2025.

The Federal Trade Commission notes hundreds of thousands of cases where individuals have reported losing at least $1,000, as the chart below shows.

Many of us have been affected by cyber crime, either directly or indirectly by way of a relative or friend. Knowing what steps to take to create a more secure digital environment can give you greater peace of mind and hopefully allow you to avoid being scammed.

Here’s our Top Ten List for Playing Digital Defense and Protecting Your Personal Data:

  1. Use Strong, Unique Passwords: use a different password for each online account and consider using a reputable password manager to generate and store your passwords securely.
  2. Enable Multi-Factor Authentication (MFA): this adds an extra layer of security by requiring you to provide a second form of verification (e.g. a text message code) in addition to your password.
  3. Regularly Update Software and Apps: this helps to keep your computer and phone operating systems, software applications, and antivirus programs up to date.
  4. Use Secure Connections: ensure websites you visit have a secure connection (look for “https:// and a padlock icon in the address bar).
  5. Be Cautious with Emails and Links: verify the sender’s authenticity before clicking on links or downloading attachments, and don’t provide sensitive information through email unless your email is encrypted.
  6. Limit Your Data Sharing: be mindful of information you share on social media platforms and adjust your privacy settings to limit who can see your personal information.
  7. Monitor Your Financial Statements: regularly review your bank and credit card statements for unauthorized transactions and report suspicious activity immediately.
  8. Regularly Check Your Credit Reports: request free annual credit reports from each of the three major credit bureaus (Equifax, Experian, and Transunion).
  9. Freeze Your Credit: consider freezing your credit with the credit bureaus; this makes it more difficult for identity thieves to open new accounts in your name.
  10. Consider Using a Virtual Private Network (VPN): this provides an extra layer of protection when you access information through publicly available sources; using a VPN (provided by a vendor) makes it harder for observers to identify you and track your online movements.

Conducting an annual personal cyber safety audit is a worthwhile endeavor. It will help you determine if you’re at risk of having your identity stolen or becoming a victim of fraud. Here’s a checklist that will help you conduct your personal audit and improve the way you play digital defense.