In an ideal world, the best plan of action would have been constant proactive monitoring of your network to ensure that your data wasn’t breached in the first place. However, despite all of our best efforts, sometimes a data breach is outside of our control and when it happens it can be a scary thing. When a data breach occurs or your email account gets hacked, more than just an invasion of privacy transpires. Sensitive information and identity theft are serious threats and can hurt you and others around you indiscriminately. Here are great action steps to take when your data is hacked:
Relax and Stay Calm
While it is understandable that fear and uncertainty are most likely going to be the first emotions that you feel, it is very important to not panic. You are not alone, over 15 million people a year in the US alone experience situations like these, and because of this, a proper response is needed to resolve the problems it causes. Cases of identity theft are long and stressful but if caught within the first week you are able to resolve them painlessly and effectively. The most ineffective thing you could do for your company is to frantically react to situations without full knowledge of the situation. Yes, there should be a sense of urgency to get matters resolved as quickly and painlessly as possible, but panic will not help you. Take a step back to relax and gather your thoughts before proceeding with the next steps. Having a steady head will aid in resolving any issues as fast as possible and as thoroughly as possible.
Assess Damage and Make the Fixes
When a data breach occurs that you were a part of, assess what kind of information could have been obtained that is relevant to you. There are different steps to take for different pieces of information that could have been stolen. Something simple like a street address may be relatively harmless to you. However, important items like credit card numbers, SSNs, passwords, and more can cause serious damage. Thieves can potentially impersonate you or one of your employees to open lines of credit under their information and make mass purchases. Making sure of what has been taken and what has not will allow you to properly allocate time and resources into figuring out who to contact and what steps need to be taken. Check in with the IRS and the FTC to inform them of potential identity theft and check online or call into banks and credit companies to ensure that they are informed and to know if someone has been using your cards.
Change Your Passwords and Enable 2 Factor Authorization
If your passwords have been known to be stolen, change them. If you’re not sure whether or not your password was stolen, change it anyway. It is better to be safe than sorry, letting hackers have your password only opens up more avenues of data theft. Changing your passwords to something strong will help prevent future breaches. Enabling 2-factor authorization may be a bit of a hassle, but it is a worthwhile extra layer of security to have going forward in order to make sure that stolen passwords have are no longer effective. A strong password is often underestimated by many and this makes it all the more easy for hackers to gain unauthorized access to your accounts. Make sure passwords are long, non obvious, and mixed with numbers and letters in different case sensitivities to ensure maximum strength.
Contact Credit Card Companies, Banks, and Credit Bureaus
Your credit score can take a devastating hit as will your bank accounts and payments. Place fraud alerts with your various financial institutions. This is a great way to prevent identity thieves from draining your bank accounts and wreaking havoc on your credit score. A fraud alert will detect suspicious financial activity and monitor the transactions that occur. If you know that your financial information has been breached and stolen or you are not sure, placing fraud alerts on your accounts and on your credit will stop a negative impact on your finances. Do this as soon as possible in order to reduce headache and arguments with your financial providers as well as avoid any charges on your card for fraud penalties.
If Identity Theft Has Occurred…
If worst comes to worst and your data has been used for fraudulent purposes then file a police report. Doing this is primarily to establish proof with credit companies that you were legitimately hacked and had your identity stolen. While it is virtually impossible to get a smart identity thief, you are not powerless as a credit freeze can aid in stopping the thieves in their tracks. Initiate a credit freeze to prevent future damages and ensure that the proper changes are made to make sure you are able to reclaim your identity. Remind yourself to triple check that everything that has been stolen has been accounted for and fixed. Lastly, make sure to contact friends and family members to prevent them from being phished or potentially attacked by hackers posing as you with your information.
Even after you have resolved everything to the best of your ability and made sure your personal security is kept up to date, your fight is not over yet. Use websites like haveibeenpwned.com to make sure that you know whether or not your account has been breached and to double check the precautions and solutions you have made. Consider using a dark web scan to ensure that no other data pertaining to you has been leaked to parts unknown on the web. Monitor your credit to give yourself the peace of mind that things have been taken care of and to be certain that additional cases of fraud are brought to your prompt attention.
At the end of the day, hackers can attack anyone at anytime. Instead of living in paranoia, make sure that your security is constantly monitored and kept up to date. Remembering to remain calm and covering all of your ends is the best policy to maintain. Having a ready mindset and utilizing this plan of action will help you in your quest to navigate the world of cyber security and make sure that private information stays safe.