Unfortunately, data breaches at large companies and retailers have become more common over the last several years. It seems that every month or two we’re reading about another one that leave millions of victims whose personal information has been exposed feeling betrayed and wondering what to do.
In just the past year, some of the major retailers that have suffered breaches exposing customer information (like SSNs, credit card numbers, and more) include:
-
Ascension: 24 million mortgage and banking documents
-
CafePress: 23 million records
-
Dunkin’ Donuts: Two separate breaches impacting all DD Perks rewards members
-
Fortnite: 200 million users
-
Huddle House: Compromised payment card details of customers between 8/2017 – 2/2019
Things like managed antivirus and good data security practices can help you keep you own data safe, but what happens if a vendor or retailer you’ve used has had a breach and compromised the data you entrusted to them?
Following are the steps you can take to help mitigate your risk and protect yourself.
Immediate Steps to Take if Your Personal Data Has Been Exposed
There’s a feeling of helplessness mixed with anger when you first hear about a data breach at a retailer you’ve shopped with or a website you’ve entrusted with sensitive personal data.
This is made worse by the fact that by the time they find out and get around to notifying you, your information has usually been exposed for months without you knowing.
For example, CafePress customers received notifications by mail in early September of 2019 that their personal information (including SSNs and Tax ID numbers) had been compromised. The breach had happened back in February, so their information had already been floating around for over 6 months!
The average time it takes a company to identify and contain a data breach is 279 days. (IBM Security)
If you find yourself a victim of compromised personal information, here are the immediate steps you should take to help mitigate your risk of negative impacts on your finances, credit, and more.
Review All Breach Information Provided by the Breached Company
Look for a press release or webpage setup to provide information on the breach. You’ll generally receive a URL in the notification you’re sent about it.
You want to look for specifics like exactly what was exposed. Your SSN? Your email and password? Credit card details? Knowing what type of information was compromised will inform the next steps you need to take
The other thing to look for is the offer of free data security monitoring which many companies will set up for 1 to 2 years to help mitigate their risk of losing those customers. Just be aware, in order to take them up on that free monitoring, you’ll have to hand over your personal information to yet another 3rd party.
Change Your Logins for Any Compromised Passwords
If some of the exposed information included your email or username and password, you’ll want to change these right away. Often retailers will force a password change on their own site, but that doesn’t protect you if you’ve used the same login password on any other accounts. so you’ll want to change those too.
Notify Your Payment Card Issuer
If you’ve used your credit or debit card with a breached company, it’s a good idea to notify your bank and request a new card, even if the company doesn’t note that card numbers were breached. It takes months for the full extent of a breach to be realized, so even if they initially thought a breach didn’t include credit card details, upon further research, they may have to amend an earlier notification to include credit cards.
Review Your Credit Report
Because of the length of time that it takes a company to find out about a breach and contain it, there’s a chance someone has already used your personal information to apply for a loan or take out a credit card in your name.
You’ll want to immediately review your credit report from the three main credit reporting agencies, Equifax, Experian, and TransUnion, to look for any fraudulent activity. It’s also smart to review your credit report at least once a year to make sure it’s correct and you know as soon as possible if your identity has been stolen.
Examine Past Bank and Credit Card Statements
If your payment card details were exposed in a data breach, you’ll want to go back to the earliest date the company has given for when they think the breach occurred. Thoroughly review your bank and credit card statements for any cards you used with the company to look for fraudulent purchases you may have missed.
Often scammers won’t go for large amounts, at least not at first. Instead, they’ll try to fly under the radar with small purchases, hoping you’ll overlook them.
Protect Your Business from Data Breaches Before It’s Too Late!
No small business wants to be the one that has to contact all their customers and tell them their personal information has been compromised. In fact, a majority of smaller companies that suffer a data breach, never fully recover due the high financial costs.
Learn what you can do to prevent unauthorized access into your network and customer data by contacting Pro Tech Guy today for a full security assessment.
Call 508-364-8189 or reach out online.