One of the reasons that you may be scared of exposing data to companies is that someone will illegally use it once the data has been leaked. Here’s how to be notified after a data breach and steps to take immediately.
Table of Contents
- Change your passwords and all other login credentials
- Review how secure your accounts are
- Back up your data
- Run full antimalware scans, and erase the hard drive if necessary
- Assess the extent of the damage
- Deactivate affected accounts if necessary
- Freeze your credit card or change its number
- Notify your contacts
1. Change Your Passwords and All Other Login Credentials
Whether it’s a minor or major data breach involving passwords or not, it’s essential to change your login credentials immediately. This includes your password and answers to security questions. Start with the affected account(s) and then the accounts associated with it. This includes passwords stored in the affected password manager, accounts that use single-sign-on services from the compromised account, and similar or identical passwords that you use for other accounts.
Finally, you should also change all your other passwords. They might be indirectly associated with the affected service, and the data breach may increase the likelihood of the accounts being hacked. Change your passwords for your devices as well.
2. Review How Secure Your Accounts Are
Given that you must change your login information after a data breach, it’s a good time to strengthen your account security as well. Do you use passwords composed of (literally) random characters unless the account is of a password manager or a device? It’s crucial that you do so because any pattern (even if it’s a word spelled backward or substituting characters with symbols) will substantially increase the chances of it being guessed.
Moreover, your answers to security questions must not be obvious or known to anyone else. For instance, if you’re asked to fill in answers for security questions, make them individual passwords. They should be challenging to guess.
Furthermore, if you don’t use two-step verification, activate it now if it’s available. This adds an additional layer of security that makes breaking into your account even more daunting. Passwords can be obtained using various methods, even if you’re not the account owner. However, only you, or attackers using more advanced tactics, can enter an account secured with two-step verification.
3. Back Up Your Data
After that, it’s also important that you back up your data. This prevents it from being lost once your account is compromised. But you have to be cautious here if you’re downloading a copy. If the filename is not what you recognize, don’t download it. The unknown files are almost certainly malware or files related to it. Moreover, it’s crucial that you scan your computer for malware right after you download the copy. They might disguise themselves as legitimate files to persuade users to install them.
4. Run Full Antimalware Scans, and Erase the Hard Drive if Necessary
After that, it’s essential to make sure your computer is not compromised. First, look for obvious signs of malware infection. This includes consistently high CPU and RAM usage right after startup (even after troubleshooting), unknown redirects, or apps installed without your permission.
If you have one of the symptoms above, you should suspect that your system is infected (especially if multiple symptoms are satisfied at once). If so, you should wipe your hard drive and reinstall your operating system. Otherwise, it’s better to scan your device thoroughly (ideally with multiple antimalware programs, but activate them one at a time). Read reviews before installing these apps!
5. Assess the Extent of the Damage
While you scan or wipe your computer, it’s time to learn about what’s being leaked. You’ll need this information to determine what to do after that. You can search for news articles about the data breach, or information from your official email about the data breach. For instance, if you think extensive damage is done and changing login credentials might not eliminate the issue, you can delete your account. Besides, if recovery keys are leaked, you should reset them. Or, if your credit card data is breached, you have to prevent others from conducting transactions with your card.
6. Deactivate Affected Accounts If Necessary
If the account is damaged so severely that you think it’s not feasible to recover it, you can delete your account. Just abandon it if you cannot regain access to it by any means. Moreover, to improve security, you should also delete old accounts that you don’t use. This reduces the area in which a hacker can start attacks.
7. Freeze Your Credit Card or Change Its Number
If your bank account information is leaked, it’s a good idea to freeze your credit card or even change its number. That way, even if someone gets hold of all your banking information, they can’t create an account or conduct transactions with your card.
8. Notify Your Contacts
It’s dangerous if you keep the data breach a secret. Instead, you should notify all your contacts, including friends, family members, and coworkers, about the fact that a data breach has occurred.
The message should remind them to take action if they use the affected service and not click on any suspicious links from emails or messages. Moreover, they should be notified if you decided to ditch your old email account and create a new email address. In that case, do not use email to contact them, or they will think it’s a scam.
How to Notice a Data Breach?
But if you don’t notice a data breach in time, the instructions will become useless. Therefore, it’s important that you recognize the signs. Here’s how.
- Check emails about notifications about data breaches
- Actively search for news about data breaches
- See if you’re hacked
If you recognize that a data breach is in action, quickly protect your account, data, and contacts.
1. Check Emails About Notifications About Data Breaches
If a data breach has occurred on a service you’re using, you’ll probably be notified once they detect that, like with emails. No matter if it’s genuine or fake, it’s always best to take action in case a data breach has truly occurred. But if you encounter those types of emails, it might be persuading you to fill in your password on a phishing website. Therefore, make sure you type in the URL manually before accessing your accounts.
2. Actively Search for News About Data Breaches
But there’s another way to confirm that there’s a data breach, especially if the email/message mentioned above seems suspicious: Look up on the Internet. If you go to any search engine and search for news about data breaches, see if one of the services you use is affected. If so, take action right away.
3. See If You’re Hacked
As always, it’s a good time to see if your computer is hacked. If you recognize any of symptoms 1-7 or symptoms 8-9 accompanied by other symptoms, you should think that it’s compromised. In that case, follow instructions on this guide (or any other guide you want) to eliminate the threat to enable you to use your computer safely once again.
In this article, we’ve discussed what to do immediately after you notice a data breach on one of the services you use. Remember to strengthen your security with these 22 tips, and you’ll be safer from malware.
References and Credits
- Yael Grauer. (2021, April 12). What to Do After a Data Breach. Retrieved August 23, 2021, from https://www.consumerreports.org/data-theft/what-to-do-after-a-data-breach/
- Paul Wagenseil. (2019, April 15). What to Do After a Data Breach. Retrieved August 23, 2021, from https://www.tomsguide.com/us/data-breach-to-dos,news-18007.html
- Ruslana Lishchuk. (2021, February 22). What You Should Do After A Data Breach. Retrieved August 23, 2021, from https://clario.co/blog/what-to-do-after-data-breach/
- Alison Grace Johansen. (2018, March 6). 7 Steps to Take Right After a Data Breach. Retrieved August 23, 2021, from https://www.lifelock.com/learn-data-breaches-steps-to-take-right-after-a-data-breach.html