What to do After a Data Breach

3 min read

In today’s digital age, news about data breaches is becoming more common with each passing day. Big companies face it, as can you. Some data leaks make it to the headlines, while others happen but don’t get reported. Regardless of the extent of cyber breaches, you can lose control over sensitive personal information, like contact details, financial information, passwords and others. Additionally, leakage of confidential details can put you at an increased risk of identity theft. So what can you do if a data breach impacts you? Don’t panic – we have you covered. Read on to find out the steps you can take to protect yourself. 

Verify the Authenticity

Many different sources tell you about data theft, but not all are authentic. In fact, threat actors play on your fear and spread misinformation about breaches through malicious links and email campaigns. Hence, the first step is to act fast and verify the authenticity of the news. 

Generally, if a breach has occurred and uncovered by the company itself, any cybersecurity research group, or a government agency, they will ideally give this information to the public themselves. The details are circulated through official documents, newspaper articles, company websites, etc. Additionally, websites like haveibeenpwned.com help check if you were a victim of any data breach. It also helps identify the kind of information that is now out in the open.

Generally, the organisation facing the attack releases some instructions to minimise any adverse effects. 

Keep account passwords unique.

Change Account Passwords

We often have the habit of choosing a password that will be easy to remember without considering good password practices. Furthermore, we also use the same or similar password for various accounts such as our emails, e-commerce websites, internet banking, etc. 

If any account’s password has been leaked as a part of a data breach, hackers can gain not only access to the account in question but also many of your other accounts with similar passwords. This will end up exposing a lot of information about you. Hence, it is imperative to change account passwords immediately and keep a separate password on each platform. If you cannot log in, try to contact the website at the earliest to find out how to recover the account. In case none of the above is possible, work with them to shut down the account.

If you have any defunct accounts, ensure that you delete them to prevent misuse of stored data.

Alert the Bank

Many cyberattacks are financially motivated, so your bank account or online wallet might be the primary target. Regardless of what information is leaked during a data breach, monitor your financial accounts to see that no unknown activity is happening. 

If you find that your financial information has been exposed or your credit or debit card has been compromised, then get in touch with bank officials. The bank may reverse any transactions and stop future activity for your account to prevent further damage. If cybercriminals continue to commit fraud in your name, you may also land into legal trouble. 

Alert the bank on time

Use Two-factor Authentication (2FA)

As suggested earlier, we have lousy memories and make easy passwords for most of our accounts. Given how widespread our digital identity is, password recycling is also a common practice. Two-factor authentication requires users to verify their identity through an additional step. Therefore, it adds an extra layer of security to your existing accounts. 

The additional verification could be in the form of an OTP, a pattern on the phone, biometrics like fingerprint or retina scan, voice recognition, a push notification, etc. However, it is best to use an authenticator app to implement 2FA since it is the most secure and straightforward way. In addition, they are more reliable because they are not dependent on the SIM card or phone number and protect you from phone hacking attempts.

Data Backup 

If your account is compromised, but you still have access to it, backup your important documents and keep copies in another place. As a general practice, too, it is best to keep a backup of your crucial data, especially in situations when a breach might force you to stop operating that account. 

Since a lot of our data is on websites or cloud servers these days, a local backup can be helpful in such unpredictable circumstances. Make it a point to delete junk and keep your computer clean as malware tends to hide in temporary files.

Don't become a phishing victim.

Don’t Click on Unknown Links

Cyber breaches leave you exposed to large-scale phishing attacks. One of the most common ways hackers get access to sensitive information is via phishing emails. So if your data is out in the open, keep an eye on suspicious-looking emails. Sometimes, there are clear red flags such as inconsistent spellings, a tone of urgency, and uncommon attachment types. 

Hence, you must remain vigilant and not click on unverified email links. Furthermore, do not share personal information over email, no matter the urgency shown in the email. If you have any doubts, contact the organisation yourself to check if they need any data from your end. 

It is also a good idea to keep your operating system up to date as hackers exploit old versions. The same goes for your anti-virus software, which may contain unresolved loopholes. 

Cove Identity – Your Safe Space Online

At Cove Identity, we understand that the online world can be daunting and scary at times. That is why we have built an app that keeps your digital identity safe. Our host privacy-focused features such as a secure digital vault, 2FA authenticator and end-to-end encrypted chatting will help keep your worries at bay.

Leave a Reply

Your email address will not be published. Required fields are marked *