What to do after a data breach

Every day, 7 million data records are exposed to hackers.

That means that your personal data could be floating around all over the place, leaving you vulnerable to hacking. In fact, 2020 is already on track to record a record number of records breached if things continue the way they are going. 

More than 16 billion records have been exposed, including 8.4 billion in the first quarter of the year. That quarter saw an increase of 273% over the first quarter of 2019, according to a Risk Based Security report.

There is a good chance you were one of 147 million Americans whose information was breached during the Experian credit bureau breach or among the 3 billion accounts hacked during the Yahoo breach in 2017 or the 56 million whose credit or debit cards were leaked during the Home Depot breach in 2014.

More than 16 billion records have been exposed, including 8.4 billion in the first quarter of the year. That quarter saw an increase of 273% over the first quarter of 2019, according to a Risk Based Security report.

The biggest data breaches of 2020 so far include a breach of the information of 5.2 million guests of Marriott, the database of 26 million logins for LiveJournal (rumors are the leak has been circulating since 2014), and a LifeLabs leak of the data of 40% of Canada’s population.

What to do if you think your data has been breached?

Data breaches are super stressful! Never know what they’re gonna do with your data and it can take a lot of time protect yourself once you’ve been breached.

First things first, you need to check if you were part of a data breach.

If you think your information might have been exposed, enter your email into haveibeenpwned.com. This is the best source to understand how at risk you are for identity theft due to data breaches.

The free tool, which was created after the largest breach of customers’ accounts at the time via Adobe, is meant to provide a service to the public by maintaining a database of data from breaches where data has been exposed to people that should not have been able to view it. So far the database has information from 460 “pwned” websites and 10,131,507,028 accounts.

You can also check out our tracker of the most recent data breaches. We’ll be updating this page often, so bookmark the page to stay on top of recent data breaches!

Step 1: Determine what was stolen in the data breach

If your email shows up on a site that has been hacked, haveibeenpwned.com will list details of each specific hack to give you an idea of how dangerous it was. 

The most important next step is to determine what was stolen:

Least sensitive: names, addresses, phone numbers are often easy to find online anyhow. A bit more sensitive data to have leaked includes email addresses, dates of birth and credit card numbers.

Most sensitive: Social Security numbers, passwords, passport numbers, credit card security codes and financial account numbers.

Step 2: Change your passwords

The next step should be to change the password on the account that was breached, whether that account held sensitive information or note.

Next, you should complete an inventory of your passwords on all other accounts and change any password that matched the one that was breached.

Experts suggest you create a new password for each account and make sure no two passwords are the same to prevent collateral damage in the case of a future breach.

To avoid future breaches, it is recommended to create complex, unique passwords for every account you have. You can use a password manager such as bitwarden, 1password or KeePass to help you keep track of complex passwords.

Step 3: Contact financial institutions and credit bureaus

Try to be as pro-active as possible and get ahead of any serious issues by contacting financial institutions and credit bureaus. If your debit or credit card information was part of a breach, contact that bank immediately and freeze or cancel your card.

Thankfully, most banks make it super easy to freeze cards via their mobile apps — so don’t delay! Especially if it’s a debit card, hackers could gain access to your bank accounts and drain everything!

The next move is to contact credit-reporting bureaus and have them put a fraud alert on your name. This alert will be triggered if anyone tries to open a credit card in your name or commit financial identity theft. This step is such a pain — but it’s so important to reduce the impact of the top ten risks of a data breach.

To contact credit bureaus:

Step 4: Clean up your data

To prevent data breaches from happening in the first place, practice proper data hygiene. After all, offense is the best defense when it comes to protecting from identity theft! Delete your personal data everywhere that it’s stored, because each of those databases makes you vulnerable to hackers.

We built Privacy Bee to be your proactive data protection-co-pilot. Our entire focus is on helping you take back control of your data by deleting it from the internet. By removing stale datapoints from corporate databases regularly, you leave fewer opportunities for hackers to find it.

Customers who sign up for the monthly Privacy Bee service will have access to an online dashboard to view the ongoing opt-out and deletion efforts submitted to countless companies on their behalf, with the status of each request, in real-time. To stay secure, consumers must be proactive and use available tools that thwart the threat of data theft by automating the process to force companies to delete information. 

“We scrub consumers’ personal information from companies’ databases so it can’t be sold or hacked. By limiting the number of places your personal data is stored, individuals reduce their exposure to data breaches.”

-Harry Maguans, Privacy Bee CEO

Step 5: What to do if your identity gets stolen

Data breaches often lead to identity theft, which is when a stranger or hacker pretends to be you for purposes like financial or identity fraud. If this happens to you (ugh), you’ll need to file a report with your local police department. It’s so important to do because it gives you the legal basis for disputing potential fraud and protecting you from financial losses.

After you submit your police report, file a formal report of identity theft with the federal government. In the U.S., do so online with the Federal Trade Commission. This is another layer of protection to reduce your liability for future fraud.

Here’s more on what to do if your identity is stolen.


Data breaches are a pain. Identity theft sucks. As you can see, when hackers get ahold of your personal data, they can do bad things — and require you to spend hours of your time fighting back. Avoid the stress of data breaches and keep your data safe online!

The latest data breaches: A tracker to see if you’ve been hacked

What to do if your identity is stolen

Start Fighting for Your Privacy!

Your personal data & contact info is likely held by thousands of companies, being bought and sold every day for marketing purposes (because of fine print when you clicked "I Agree"), just waiting for a data breach to expose your info to spammers, hackers and identity thieves on the dark web. Entrust Privacy Bee to fight on your behalf and we'll continually force marketers and data brokers to purge your info from their systems!

Signup

New law let's you protect your digital privacy!

Signup