What to do if your personal information is exposed in data breach

Your personal information is valuable. And bad actors are working harder than ever to get their hands on it. Data breaches were up 20% in 2023 from 2022. There were 3,205 data breaches in 2023 and 353 million victims in total.

If you’re unlucky enough to be one of them, the consequences can be life-changing. You may suffer serious financial loss, reputational damage, your credit score can be wrecked and the emotional stress can be severe. You might spend weeks or months — maybe years — trying to recover.

If you do get a notification that your personal data was exposed in a breach, take these five steps to limit the impact, prevent identity theft or other fraud and save yourself a great deal of trouble.

Stay on top of it

If your personal information was exposed in a data breach, the company that suffered the breach will let you know. They’re required by law to do so if they operate in the U.S. If you do get notified of a breach, keep all the messages you receive and follow up on the advice given by the company that was breached.

Keep in mind that data breaches are often not detected right away, so the bad guys may have had your information in their possession for a while by the time you get a notice that your information has been exposed. It’s possible the hackers have already used your information for malicious purposes, so keep any letters or emails you receive regarding new accounts or loans from lenders you don’t recognize.

Secure your accounts

If you’re notified of a breach, the notification will identify the accounts that have been compromised. Right away, you should change the passwords and PINs you use to sign into those accounts, be they bank accounts, credit card accounts or other accounts.

Then think about changing the log-ins on your other accounts, because if cyberthieves have stolen your personal information — like your birthday, address and other data — they’ll have an easier time breaking into any of your accounts whose log-ins include your personal information in usernames and passwords.

Put a fraud alert in place

A fraud alert tells any lender that receives an application in your name — like a credit card or bank loan application — that the applicant could be using a stolen identify, i.e. yours. The alert signifies to the lender that it should take extra steps to ensure the application is from you, not a fraudster.

When you place a fraud alert at any one of the three national credit bureaus — Experian, TransUnion and Equifax — it will automatically be applied by all three bureaus. A fraud alert stays in effect for one year. You can renew it at the end of the year and, if you’re the victim of fraud, you can request an alert that stays in place for seven years.

Watch your accounts and credit reports

Monitor your bank, credit card and other accounts and opt into any alerts offered by those financial institutions with which you do business. Then if you see any activity on your accounts that you don’t recognize, you can quickly report it and minimize damage.

You should also watch your credit report for any unfamiliar activity, like new credit cards or loans, or new addresses added to your personal profile. You can check your credit report free at any of the three national credit bureaus or at AnnualCreditReport.com.

Freeze your credit

This is a more extreme step than placing a fraud alert — and more inconvenient — but it’s worth thinking about. A freeze restricts access to your credit report at those credit bureaus where you ask for it.

If you place a freeze at all three credit bureaus, you’ll be well-protected from financial frauds like scammers applying for a credit card in your name. But a freeze will also prevent legitimate creditors from checking your credit for applications you initiate yourself. In that case, you can unfreeze your credit. It’s a cumbersome process but it might be worth the trouble.

Consider CREDO Mobile

Here at CREDO, we take consumer rights seriously and we support nonprofit organizations that fight to protect your rights. Recently, we’ve made significant grants to nonprofit groups including the ACLU, Common Cause and Social Security Works.

These donations — and all the donations we make every year —are generated by our customers, just by using our service. They cost nothing extra but they mean everything to our nonprofit partners. So if you’re a CREDO Mobile customer, thank you.

If you’re not a customer, consider joining now. You’ll get all you want from a phone company: the nation’s top-rated network, competitive plans and great deals on new devices.

And you’ll get much more. You’ll get an easy, effective way to make a difference in the world by generating much-needed donations for progressive nonprofits dedicated to the causes you believe in, like the environment, human rights and economic equality.