Don't Panic — But Act Quickly

Data breaches happen regularly, affecting companies of all sizes. If you've received a breach notification, or discovered your information in a data breach database, the steps you take in the first 24–72 hours are the most critical. Here's a clear, prioritized action plan.

Step 1: Identify What Was Exposed

Read the breach notification carefully. The type of data exposed determines how seriously you need to respond:

| Data Type | Risk Level | Urgency |
|---|---|---|
| Email address only | Low | Monitor for phishing |
| Password (hashed) | Medium | Change password now |
| Password (plaintext) | High | Change immediately everywhere |
| Credit card numbers | High | Notify your bank today |
| Social Security Number | Critical | Freeze credit immediately |
| Full identity data | Critical | Multiple urgent actions needed |

Step 2: Change Your Passwords

If your password was part of the breach, change it on the affected site immediately. Then check if you reused that password anywhere else — if so, change it on every site that shares it. This is a reminder of why password reuse is so dangerous.

Use a password manager to generate and store unique, complex passwords for every account going forward.
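The reuse check from Step 2 can be run against a password manager's CSV export. The script below is an added example, not part of the original article; the column names (name, url, username, password) and the sample accounts are assumptions constructed for illustration.

```python
import csv
import hashlib
import io
from collections import defaultdict

# Constructed sample export. Real exports are plaintext files:
# delete them securely once the audit is done.
SAMPLE_EXPORT = """name,url,username,password
Shop,https://shop.example,alice@example.com,Tr0ub4dor&3
Forum,https://forum.example,alice,Tr0ub4dor&3
Bank,https://bank.example,alice@example.com,correct-horse-battery
Mail,https://mail.example,alice@example.com,Tr0ub4dor&3
Video,https://video.example,alice,sunset-42-llama
News,https://news.example,alice,sunset-42-llama
"""

def _fingerprint(password):
    # Group by hash so plaintext passwords are never used as keys or printed.
    return hashlib.sha256(password.encode("utf-8")).hexdigest()

def load_groups(export_text):
    """Map each password fingerprint to the account names that use it."""
    groups = defaultdict(set)
    for row in csv.DictReader(io.StringIO(export_text)):
        if row.get("password"):
            groups[_fingerprint(row["password"])].add(row["name"])
    return groups

def accounts_to_change(export_text, breached_site):
    """Other accounts sharing any password stored for the breached site."""
    affected = set()
    for names in load_groups(export_text).values():
        if breached_site in names:
            affected |= names
    affected.discard(breached_site)
    return sorted(affected)

def reuse_groups(export_text):
    """Every set of accounts that shares one password, for later cleanup."""
    groups = load_groups(export_text).values()
    return sorted(sorted(names) for names in groups if len(names) > 1)

if __name__ == "__main__":
    print("Change now:", accounts_to_change(SAMPLE_EXPORT, "Shop"))
    print("Reused elsewhere:", reuse_groups(SAMPLE_EXPORT))
```
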

Step 3: Enable Two-Factor Authentication

Even if an attacker has your password, two-factor authentication (2FA) prevents them from accessing your account without the second factor. Enable 2FA on the breached account and on any accounts you consider high-value: email, banking, cloud storage.

Prefer authenticator apps (like Google Authenticator or Authy) over SMS-based 2FA, which is more vulnerable to SIM-swapping attacks.

Step 4: If Financial Data Was Exposed

  • Contact your bank or card issuer immediately to report the breach and request a new card number.
  • Review recent transactions for anything unauthorized.
  • Set up transaction alerts on your accounts to catch fraud quickly.

Step 5: If Personal Identity Data Was Exposed

If your Social Security Number, date of birth, or other identity data was part of the breach, take these steps:

  • Freeze your credit at all three major bureaus (Equifax, Experian, TransUnion). A credit freeze is free and prevents new credit accounts from being opened in your name.
  • Place a fraud alert with one bureau — they're required to notify the others.
  • Monitor your credit reports regularly through legitimate free access tools.
  • Watch for signs of tax fraud — file your taxes early if possible to prevent someone from filing in your name first.

Step 6: Watch for Follow-On Attacks

After a breach, criminals often use the stolen data to craft highly targeted phishing attacks. Be extra vigilant about:

  • Emails appearing to be from the breached company
  • Unexpected password reset requests
  • Phone calls claiming to be from fraud departments

Step 7: Check If You're in Other Breaches

Use a reputable service like Have I Been Pwned to see if your email address has appeared in any known data breaches. You can also set up alerts so you're notified of future breaches involving your email.

Long-Term: Build Resilience

A breach is a wake-up call. Use it as motivation to:

  • Adopt a password manager with unique passwords everywhere
  • Enable 2FA on all important accounts
  • Review what personal data you share with online services
  • Delete accounts you no longer use — fewer accounts means fewer breach risks

You can't control whether a company you use gets breached. You can control how much damage that breach causes to you.