What to Do If You Are a Victim of a Data Breach
Data breaches are the internet’s equivalent to natural disasters: everyone is at risk but no one suspects it will happen to them.
Every time you use your credit cards in a store or conduct business on the internet–from paying your electricity bills to shopping online–you subject yourself to increased risk of becoming a victim of a data breach.
In order to better understand the dangers of data breaches, it is helpful to know how data breaches occur in the first place. You should also know the signs that indicate you are the victim of a data breach and, more importantly, what you can do to protect yourself from harm caused by these unfortunate situations.
What Is a Data Breach?
When data breaches occur, they tend to make a splash in the headlines. But what exactly is a data breach? How does a data breach happen? What happens to your information once it has been breached?
Put simply, a data breach is intentional or unintentional release of sensitive information to an unauthorized source. Data breaches can result from an honest mistake on the part of the guardian of your information, whether it is a company or the government. Data breaches can also have far more nefarious origins. Listed below are the three most common causes of data breaches.
1. Aggressive Hackers
Like something out of a Hollywood movie, computer hackers can worm their way into a supposedly secure virtual environment. Once they have found a loophole in a computer’s security code, hackers will prop open the virtual back door and make off with as much information as possible before the breach is discovered. Hackers that aggressively attack personal information rarely act alone. Oftentimes they are part of an organized crime syndicate and sometimes even supported by government.
2. Disgruntled Employees
Though not as organized as outright computer hackers, another relatively common source of data breaches occurs from disgruntled employees. Employees who are unhappy with their employer may retaliate by using their authorized access to surreptitiously steal information from the company’s data storage facilities. The information is then sold. Depending on the savviness of the employee, this type of data breach can take a long time to detect.
3. Scavenging Thieves
The third and final most common cause for data breaches occurs when thieves scavenge files and computer equipment that is sloppily discarded by organizations. When an organization updates its data storage system, the old storage system may not always be wiped of information properly prior to being discarded. Thieves know this and will literally go dumpster-diving to retrieve information that can then be sold for a handsome profit.
Once your data has been breached, it is typically resold for a profit. If credit card information was compromised, criminals can then use your accounts to conduct transactions without your authorization.
Signs That You Are a Victim of a Data Breach
Data breaches are not always detected immediately. Sometimes companies don’t discover a hacker’s virtual backdoor until months later, during which time tens of thousands of accounts can be compromised. This is why it is important to regularly monitor all of your bank accounts and be wary of suspicious activity. The following table explains the signs that most often indicate that you are at risk of being a victim of a data breach.
|You may be a victim of a data breach if…||Explanation|
|You notice unusual activity on any kind of your accounts.||If you see changes on your bank account or credit card statement that you don’t recall making, chances are high that your information has been compromised. Thieves will often test your information by making a couple of small purchases that you are likely to miss before they go for big ticket items.|
|You are an employee or a customer at a company that announces that they have had a data breach.||Even if you don’t see anything amiss in any of your accounts, you should be on high alert in this situation. It can take a long time for companies to identify which customers and employees have been affected, so you should play it safe and assume that your information has been implicated and take the appropriate steps.|
|You are informed by a company that your information was compromised during a data breach.||Companies that experience data breaches will notify the affected customers and employees via email or secure message that their information was compromised. If you receive such a message, verify its authenticity before proceeding with the directions given to you.|
What to Do If You Are a Victim of a Data Breach
Being comprised by a data breach is worse than if someone just steals your wallet because it is hard to know exactly what information the thieves have. For this reason, you should know what to do and act quickly if you notice any of the above red flags. Follow these steps once you have discovered that you are a victim of a data breach to save yourself time, money, and a lot of headache down the road.
From the moment the first suspicions arise, start to document everything. Take a screen shot of the unauthorized charges on your account, save any emails you receive about the data breach, keep a detailed record of any phone calls you make as you work to clear your name. Having a documented trail, whether it is paper or digital, can be invaluable in proving your innocence later on.
Contact the organization responsible for the breach.
If you receive communication from a company or government notifying you that your information was compromised, you should contact the organization to determine what they are going to do to resolve the issue and what additional steps you can take in the meanwhile.
Determine what information was compromised.
The company responsible for the breach should be able to tell you what information the identity thieves got their hands on. If only your mailing address or email address were released, you are at less risk than if your Social Security Number or credit card number were compromised. If the latter is the case, it is time to start taking more drastic measures to protect yourself.
Change passwords on all of your accounts.
Although changing your passwords should be a routine occurrence to keep your accounts safe, most people use only a handful of passwords for all of their accounts and rarely change them. At the first inkling that your information has been comprised, it is time to change your passwords now and ask questions later. Choose complex passwords, such as ones that include characters other than letters and numbers and are over 8 characters long, for added security.
Alert your bank and credit card companies.
Call your bank and credit card issuer to let them know that you think you have been the victim of a data breach. The sooner you do this, the better. It can mean the difference between being completely covered from only losses already sustained to losing everything you have in the account. Most banks will not hold you responsible for losses incurred as a result of a data breach if you notify them immediately.
File a police report.
Though it may seem excessive at first, filing a police report can protect you from financial liability in the future. Get a copy of the police report to share with your bank and credit bureaus.
Contact the credit bureaus.
If your personal information has been compromised, you’ll want to let the credit bureaus know. There are various steps you can take; the course of action will depend on the protection you desire and the extent of the breach.
The three national credit bureaus and their fraud alert hotlines are:
- Equifax: 800-525-6285
- Experian: 888-397-3742
- Transunion: 800-680-7289
Contact eConsumer Services®
If unauthorized charges have been made with your credit card, contact eConsumer Services® right away. We work within our extensive network of merchants to issue a refund quickly (much quicker than dealing with the bank). We are usually able to secure a refund within 24 hours. You have enough stress trying to stop future threats caused by the data breach; you can’t afford to waste time dealing with the losses you’ve already experienced.
Becoming a victim of a data breach can be an unsettling experience. You may feel helpless, especially since there is not much that you can do personally to prevent a breach from happening.
As soon as you realized you’re a victim of a data breach, take the necessary action to prevent further damage and let eConsumer Services® retrieve any money you’ve already lost.