In the event that your personal data has been compromised in a breach, it is important to take action immediately to help protect yourself from identity theft and fraud. Here are six steps to take after the news of a data breach:

1. Check for Potential Impacts

The first step is to check whether you have been affected by the breach. Major organizations who experience data breaches typically set up a webpage for their customers to check if they’ve been affected. Many states require that individuals be contacted by mail if they are a part of a major breach. Even if you don’t receive a letter, be vigilant and check for impacts. This may involve checking your credit card statements or monitoring your credit report for unauthorized activity. 

2. Take Advantage of Free Credit Monitoring

When major organizations experience a data breach they will often offer free credit monitoring to those impacted. If credit monitoring is made available to you, make sure to enroll as soon as possible. Credit monitoring doesn’t prevent identity theft but it will alert you to suspicious activity on your credit reports, should they occur.

3. Change Your Passwords and Enable Multi Factor Authentication

It’s unlikely that anyone will know the extent of a data breach, so it’s crucial to change your passwords and enable multi-factor authentication on any accounts that store personal or financial information. If you were using the same password on multiple accounts, make sure you update those passwords so they are different for each account.

4. Monitor Your Credit Reports

You are entitled to one free credit report per year from each of the three major credit bureaus—Equifax, Experian and TransUnion. Check for unusual activity, such as new accounts or items that you don’t recognize. If you see anything suspicious, contact the credit bureau at their fraud department immediately.

5. Place a Fraud Alert on Your Credit File

A fraud alert is a notice placed on your credit file that alerts creditors that you may be the victim of identity theft. When anyone applies for new credit under your name, you will be alerted and given the opportunity to authorize it. This can help to prevent new accounts from being opened in your name without your knowledge. You only need to process a fraud alert with one of three credit agencies. Once your alert is processed with one credit bureau,  it will notify the other two, who are required to place fraud alerts in your file.

6. Keep an Eye on Your Mail and Inbox

Watch for bills or other correspondence from companies that you don’t recognize. Also, be on the lookout for unexpected emails or text messages asking for personal information such as passwords or account numbers. These could be phishing scams attempting to steal your information. Do not respond to these messages. If you receive a phishing message, report all phishing attempts to ReportFraud.FTC.gov. Forward phishing emails to the Anti Phishing Working Group at [email protected]. Forward phishing text messages to SPAM (7726).

If Your Identity is Stolen, Report It

If you find that someone is using your identity to make fraudulent purchases or apply for credit, it’s important to act quickly. The first step is to report the incident to IdentityTheft.gov. This website will help you create an action plan and provide guidance on what steps to take next. You should also contact the company that was breached and let them know what happened. They may be able to offer assistance in dealing with any future issues that may arise. By taking these steps, you can help minimize the damage caused by identity theft and protect yourself from further harm.