Do You Know What to Do After a Data Breach?

8 February 2016

With corporate data breaches grabbing headlines in Canada and across the world with increasing frequency over the past several years, it’s no wonder why many Canadians are growing more and more worried about the security of their data.

Unfortunately, once their data has been shared with a company there’s not too much consumers can do to keep it safe. However, consumers can protect their identities by making sure they know how to respond if their information is compromised in a breach.

This checklist can help consumers react and counter the efforts of cyber criminals and identity thieves after a data breach:

  • Get the details: When a company’s data is breached, it is responsible for telling its customers exactly what data was compromised, as well as any and all measures it is taking to remedy the situation. Getting this information is an important first step, as it can help consumers target their defense against identity theft.
  • Change your passwords: As soon as you hear about the breach, log into your account on the affected site (or app) and change your password. If you used the same login credentials on any other sites, don’t forget to change their passwords as well.
  • Contact your bank: If your financial institutions are aware that your information has been compromised in a breach, they’ll be more prepared to deal with potential fraudulent charges on your accounts. They may even issue you new cards or help you change certain information on your account depending on what kind of data was compromised. Even if your card or bank account numbers were not directly exposed in the breach, keep an eye on your upcoming bank statements in case cyber criminals were able to steal your financial data through a targeted malware attack.
  • Avoid unexpected emails: While it may seem harmless if your email address is all that gets compromised in a data breach, fraudsters can use this information to get their hands on much more sensitive data. In the weeks following the breach, be especially diligent about not opening emails from unfamiliar senders or following links you did not request. These bits of unexpected communication could give hackers remote control of your computer, which they could use to harvest sensitive data.
  • Review your mail closely: While far more innocuous than having your bank account numbers stolen, when cyber criminals get ahold of your address they may attempt to send you spam via the post. If you receive any mail requesting personal information or unexpected payment, contact the issuing company directly and ask if it in fact sent the letter.
  • Place a fraud alert: A fraud alert tells the major credit agencies that your identity may have been stolen so that they will take extra precautions to ensure new credit or bank accounts are not opened in your name without your expressed permission.
  • Sign up for a credit monitoring service: Credit monitoring companies can help protect your identity after a data breach by keeping an eye on your credit file and personal information. If they detect certain activity that could indicate fraud, they will notify you, giving you a chance to take action.