A cybersecurity expert advises that the worst thing to do after a data breach is to remain complacent and not take immediate action to protect your sensitive information.
Upon receiving an email or seeing a headline about a data breach at a company you work with, your initial reaction might be to dismiss it and carry on with your routine.
Over 1 billion individuals had their information exposed online due to a data breach in the first half of 2024, which represents a 499% increase compared to the same period in 2023, according to the Identity Theft Resource Center.
Cybersecurity experts have coined a term for the phenomenon where people become numb to high-profile data breaches, such as those at Ticketmaster and AT&T.
"Michael Bruemmer, head of global data breach resolution at Experian, states that people might say, "Oh, here's another one and stick it in the drawer and don't do anything," but that is the worst thing you can do."
If your personal information is compromised after a breach, you may become the target of scams or face the consequences of identity theft, such as fraudulent credit card accounts being opened in your name. To safeguard yourself, take these steps, and follow these guidelines if you're part of a breach.
Practice good online hygiene
Cybersecurity experts assert that if you're not offline, a significant portion of your information is likely online.
According to Ed Skoudis, president of SANS Technology Institute, he operates under the assumption that most of his information is publicly available and that's a reasonable assumption.
The more information fraudsters have about you, the greater the risk of falling victim to scams and identity theft. If a bad actor obtains your email address and password during a data breach, the situation can worsen, according to Skoudis.
Financial wellness leads to happiness, wealth, and financial security.
"If your password is used elsewhere, they can access your accounts. If your health-care provider is compromised, they can target attacks based on your symptoms or diseases. If it's a news site, they can use your political views and reading habits to their advantage."
Cybersecurity experts recommend practicing online hygiene to keep your information private.
1. Use a password manager
Say goodbye to the hassle of remembering multiple passwords and sign up for a password management service.
"Bruemmer recommends using a password manager as it allows you to store all your passwords in one place with just one master password to remember. Additionally, it generates unique and complex passwords for you that you don't have to remember."
2. Avoid links from strangers
If you receive an email or text from someone you don't know, be cautious and avoid clicking on any links. If they claim to be from a business, verify their identity by going directly to that business' website.
Bruemmer warns that a 10-second voice-print is all it takes for fraudsters to clone your voice and create deepfakes.
3. Skip QR codes when possible
Asking for a paper menu is a valid reason, according to Bruemmer, because it's difficult to distinguish between a good QR code and one that could harm your phone with malware.
4. Always use credit online
If a fraudster obtains your payment information, it will be easier for you to resolve the issue if you used a credit card instead of a debit card, as credit cards typically offer more fraud protection.
"Skoudis says, "If it's a debit card, they can empty my account. And I got nothing. I can say, 'This is a fraudulent thing.' But I don't have the money until that whole fraud investigation is finished.""
What to do in case of a breach
Even if you're cautious, you may still receive word that a company you do business with has lost your information to hackers.
Here's what to do if and when that happens.
1. Don't bury your head in the sand
It's crucial to read any notice of a data breach that you receive via mail or email, advises Bruemmer.
He states that it will inform you about what occurred, the reasons behind it, and how to safeguard yourself.
2. Change your passwords
If you don't have a password manager, make sure to update your password on the site where the breach happened and any other sites where you use the same password. Visit HaveIBeenPwned.com and enter your email address to discover where your personal information may have been compromised.
3. Be vigilant
Although reviewing financial statements can be tedious, it's crucial to monitor your credit card statements after a breach to ensure there are no fraudulent charges.
Monitoring your credit score is important, as significant changes in your score, which can be found through various online bank and credit account platforms, may suggest fraudulent financial activity, according to Skoudis.
It is wise to request copies of your credit reports from Equifax, Experian, and TransUnion and ask one of the agencies to place a free fraud alert on your account.
4. Act quickly
If you discover any suspicious activity on your credit report, such as a new credit line in your name, it's crucial to act quickly, advises Bruemmer.
"Disputing fraudulent inquiries or new lines of credit requires reaching out to the credit bureau and allowing a fraud resolution agent to guide you through the steps."
Report any suspected identity theft to the Federal Trade Commission and your local police department, who will provide you with a police report.
"Bruemmer advises that if you have lost wages, you may need to file an insurance claim. With a police report, you can assert that this is what happened and why it happened, and you are covered."
To stop worrying about money, enroll in CNBC's online course, Financial Wellness: Be Happier, Wealthier & More Financially Secure. We'll teach you the psychology of money, stress management, and healthy financial habits. Plus, use code EARLYBIRD for a 30% discount through Sept. 2, 2024. Start today!
Sign up for CNBC Make It's newsletter to receive tips and tricks for success at work, with money and in life.
Make It
You might also like
- The maximum amount you should spend on housing if you make $80,000 annually.
- He bought a sandwich shop for $125,000 at the age of 17 and sold it for $8 billion.
- Now worth $633 million, the 33-year-old's robotics startup was once funded through 100-hour workweeks.
- A happiness expert advises treating weekends like a vacation for the happiest people.
- A happiness coach offers three simple strategies to transform stress and anxiety into happiness and increase joy in your life.