You’ve been breached. What to do next?

Uh-oh! My data has been stolen. What should I do?

Phishing or hacking incidents usually lead to identity theft and identity fraud. Hackers steal others’ personal information ranging from passwords to driver’s licenses to credit card numbers. This incident is also known as a breach event.

We’ve heard it a million times. We probably know a relative or a friend or a friend’s friend or a friend’s relative who was affected by this event.

We are aware - it is REAL and can happen to ANYONE.

Honestly, it doesn’t matter how careful you are, these hackers are cunning and have a million and one tactics up their sleeve for stealing your personal information. So, we have to be extra vigilant and know what to do if it happens to us.

Try this tool to see if you’ve been breached. If you are, the best defense is to spring into action to minimize the impact of the breach event.

The first thing you need to do is to read the details of the breach event. See what types of information were compromised - is it your social security number, driver’s license number, bank account number, or passwords? The type of information that was compromised is important so as to know your next steps.

Here are some tips if and when your account has been compromised:

1. Change the passwords on all your accounts

After reading the details of the breach event, immediately change all of your passwords on all of your accounts. This is to kick out the hacker if s/he is still in control.

2. Setup 2-factor authentication

2-factor authentication is a security system that requires two separate and distinct forms of identification to access your account. This adds an extra layer of security. So, if applicable, set this up.

3. Use Password Generator

Thinking and creating passwords can be a handful. So, using a password generator can make this job easy while making your password strong and unique.

4. Use Password Manager

Creating your passwords and keeping them safe are two different stories. Using a password manager can help you keep and store your passwords without you memorizing each one of them.

5. Consistently change your passwords.

You can change your passwords monthly, quarterly, or annually - it’s up to you. The point is to change it regularly. Some accounts, like banks, automatically expires your password within a given time period. This will force you to change your password - and may also help lessen the chance of being hacked. But some accounts do not - like your Facebook account. So, it’s going to be your sole responsibility to change your password and keep your account safe.

6. Clean your accounts.

How many accounts do you have? Make sure to delete accounts that you are no longer using. Check the apps that are connected to your accounts - be it your bank or personal social media accounts. Secure your accounts yourself to ensure your own safety.

7. Inform all necessary institutions in case of a breach event.

If and when your account has been compromised, inform all necessary and important agencies, banks, and even people closely related to you.

8. Turn on activity logs, if applicable.

Monitor your accounts by turning on activity logs that periodically send emails. This ensures that any unauthorized activity will be brought to your attention.

www.breached.me

9. Subscribe to Breached.Me to immediately inform where and when the email address was compromised.

Now that you know what to do in case of a breach event, you’re more equipped to safe-keep your accounts.

742

Breaches Tracked

12,155,668,727

Breached Accounts Detected

9,415,360,683

Stolen Passwords

For more helpful tips, subscribe to our Newsletter.


What is Breached.Me?

Breached.Me is a website that tells you if your information has been breached by hackers.

Data breach reporting requirements vary by industry and often we only hear about data breaches long after the fact. In the meantime, our personal information could be traded or sold hundreds of times on the dark web.

These are the following consumer challenges:

Awareness

If we don’t hear about it fast enough (or at all) then we (the users) blissfully carry-on with zero knowledge except for the occasional news article about a breach…but did it really affect me, the consumer? Who knows.

Example breach:

MGM Resorts hacked: 10.6 million guests have their personal data exposed on hacking forum

Password Reset

If you’re a consumer whose information was leaked, at a minimum, you need to login to the affected site and reset your password.

Credential Reuse

If you’re a consumer whose information was leaked, and if you re-use that same password elsewhere, you need to find those sites (good luck!) and reset those passwords.

These are the following enterprise challenges:

Spear-phishing and Phishing

Executives are often the unfortunate receivers of targeted phishing attacks (spear-phishing). Spear-phishing relies on more personal & believable information being included in the phish. After a data breach, we often see an increase in spear-phishing attacks due to executive PII being publicly leaked.

Credential Reuse and Password Reset
Data breaches often include cleartext passwords, weakly encrypted passwords, or passwords that were sent through a one-way hash function. When any of these occur, a very high percentage of real passwords can be recovered. Attackers then automatically test these same username/password combinations at other
sites to steal information money, and order goods in your name.

Take a look at these recent Breached Incidents

See More

Show All Breaches

Skip to content