How to Protect Your Identity After a Data Breach

11 September 2015

Data thieves breached more than 1 billion “secure” records last year alone, accessing almost 2,000 files containing retailers’ point of sale data, consumer account information and Social Security numbers every minute. If you find yourself reading a notification concerning a breach of your personal information, remember there are steps you can take to help protect your identity and recover some peace of mind.

Identify the compromised information

First, you need to determine what kind of information has been compromised. There are four major types of security breaches that involve different data, including breaches involving your credit or debit card information at a retailer’s point of sale (POS) terminal, information tied to another existing financial account, your driver’s license number or another government-issued ID document, or your Social Insurance Number. In each situation you may choose to protect yourself differently, so it is important to first identify the extent of the breach.

POS payment breaches

Retailers use POS terminals to collect consumer billing information from credit or debit cards. Because of their scale and reliance on older, less secure technology, POS systems are constant targets for data thieves. Given the pervasiveness of POS breaches, many consumers will have their credit or debit card information compromised at some point in time.

If a retailer at which you have shopped is compromised, the first thing you should do is determine whether you used a credit or a debit card at the store. If your debit card is compromised, funds can quickly be withdrawn from your bank account without your knowledge. On the other hand, if you used a credit card, you will have an opportunity to dispute any fraudulent transactions before you have to pay the bill and you will still retain access to the cash in your bank account.

After you determine which type of payment card may have been compromised, here are some steps that you can take to reduce your risk of credit fraud:

  • Ask your card issuer to cancel your current card and reissue the card with a new account number.
  • Carefully monitor all your account transactions online.
  • If your card issuer offers it, set up text or email alerts of any activity.
  • Make sure that your account statements arrive in your mailbox at their normal time.
  • If you become aware of any fraudulent transactions, immediately call your financial institution and follow up by formally disputing the transaction in writing.
  • Be wary of any email or phone call that you might receive about the breach that requests personal information.

Driver’s license or government-issued ID

If your driver’s license or another government document is put at risk by a data breach, contact the agency that issued the document to find out what it recommends in such situations. You may be instructed to cancel the document and obtain a replacement. Or, the agency might make a note in your file to prevent an imposter from getting a license in your name.

Social Insurance Number

Protecting your Social Insurance Number is crucial to protecting yourself from new account fraud. In new account fraud, data thieves set up new accounts in your name, usually using different addresses so you won’t be tipped off by mailed statements. If you learn that your Social Insurance Number has been compromised, immediately put a fraud alert on your account at both credit bureaus to make it difficult for criminals to access your credit. Then, consider credit monitoring services such as Identity Guard, that can promptly alert you to certain changes in your credit file.