You’re watching the news. Another major breach has just been announced. You’re not too worried because, let’s face it, we’re all suffering from breach overload. But then they flash the company logo up on the screen.
It’s a place you do business with.
A place that has your personal information.
Now you’re scared. And you should be, a little. But don’t go into a full-blown panic just yet. Just because there’s a data breach, doesn’t mean you’re a victim of identity theft. It simply means someone may have obtained your personal or financial information. Now’s the time the keep your head on straight and take a few important steps to avoid becoming a victim.
The first thing you want to do is find out what type of information has been breached. This will make a big difference in how you proceed.
If credit card information has been compromised:
Figure out which of your cards were on file with that company. You can usually find this out by logging into their online site. Or you may need to call the company. Don’t be surprised if there are very long hold times!
At this point, you need to decide whether to cancel that card outright, or to monitor that account very closely. If you decide to cancel the account, there may be a fee associated with getting a new card issued, since there haven’t been any fraudulent transactions. If you opt for monitoring, I provided some useful tips in my Monitoring Credit and Debit Card Transactions post. If you see anything out of the ordinary, call your bank right away!
If your Social Security number or other personal information has been compromised:
Order a copy of your credit reports and look over every inch of it. If you see anything out of the ordinary, contact the company involved right away.
You’re allowed to order a free copy of your credit reports every year from each of the three credit bureaus, and this is one time when it’s an especially good idea to space those out. Order from one bureau right away, and then order from another one in three to four months. And then the third one in another three to four months. This way you don’t have to wait another year to see if someone is using your information.
If you don’t have fraud alerts set on your credit file, set them now! You can set fraud alerts with one bureau and they will automatically be placed with all three.
This is also a good time to consider identity theft protection or credit monitoring. Someone already has your information, so it’s a good idea to put some extra protection in place.
If username and passwords have been compromised:
Change your password for that company’s website. If you use the same password for any other site (even if the username is different), change that too. This is especially important for any banking or other financial sites!
Once you’ve take these steps, step back and take a breath. From here on out, you’ll just need to keep monitoring (or let someone else monitor for you). Hopefully your information will never be used, but if it is, you’ll be ready.
On a final note, many companies will offer some type of credit monitoring or identity theft protection for free following a breach. If you don’t have a service already in place, take advantage of it. Just don’t rely on it to fully protect you – most of the time, the free services companies offer are very limited in scope.