3 kinds of data breaches. 3 different precautions.
Have consumer data breaches become commonplace? Sometimes it seems that way — a breach is announced, the media covers it if it’s a big-enough name, then affected customers are notified as the breach fades from public attention. Though security holes and cybercriminals continue to pose an incredibly dangerous threat, not all data breaches are created equal.
Here’s how you should respond to 3 different kinds of data breaches:
1. Only credit card numbers were compromised.
If you find out your credit card number has been compromised and the credit card company hasn’t already discovered this fact, call them immediately. With this kind of data breach, the credit card company can simply invalidate your card and issue you a new one within a few days.
If this ends up happening to you, make sure to review your credit card statements for suspicious charges for at least a few months after your card has been replaced.
2. Some non-SSN personal information was exposed.
This kind of data breach can take a variety of forms — often, it is login information or personally identifiable data from social media sites that’s exposed. Breached information could also include names, addresses and phone numbers.
Generally, sites whose data have been breached will reach out to affected parties and ask them to reset their passwords. If you haven’t been asked to reset your password through official channels, though, be careful. If a site’s security has been compromised, someone may be watching you reset your password. That means they could get your new one too.
One solution to protect against these types of compromises is to get an online password manager. The best ones will help you safely store your passwords online and even help you generate really secure new ones.
3. Social Security Numbers were accessed.
If you find out your Social Security Number has been compromised, it requires immediate and serious attention. Here are steps we recommend:
- Review bank and credit card statements. Check your most recent records and carefully review them for at least a few months — it can take a while for fraudulent activity to show up.
- If you do find fraudulent transactions, contact one of the three national credit bureaus to place a fraud alert. Once you contact one national credit bureau, it will let the other 2 national credit bureaus know so they can also place alerts. To place credit freezes, you'll need to contact each bureau directly.
- Consider a credit monitoring service. Good ones can help you identify suspicious activity you may not discover just by reviewing statements. For example, if a thief were to get ahold of enough of your breached data to successfully change the contact information you have on file with a bank or credit card company, there’s a chance you wouldn’t find out about that from the financial institution, at least right away. But with credit monitoring alerts and online access, you’d have another way to quickly detect such crimes without having to repeatedly order individual credit reports.
These days, anyone’s data can be exposed. That’s why it’s so important to be prepared. The above approaches are meant to help you feel more confident that you can protect against a data breach or at least limit its damage. As always, each situation may differ, so it’s important to use your best judgment.