Data breaches are becoming more commonplace as big name companies become the target. It is important for you to know what actions you will need to take if your data is compromised.
First and foremost, if your account has been affected, you should receive a letter in the mail informing you what information was exposed and when. The information may come via email but don’t click on any of the links and instead go directly to the source just to be sure as “phishing” scammers are known to take advantage of breaches.
Nearly one in three data breach victims also became a fraud victim in the same year, according to reports by Javelin Strategy & Research.
Banks are required by federal law to inform customers of any breaches; 46 states have laws that mandate other companies abiding by the same laws, though large firms typically do contact all customers regardless of the state.
What Steps to take based on the type of breach:
Passwords – change your account password immediately. If the same password is used across several accounts, they should be changed too.
Email – Monitor your emails for messages that request information if you ‘click the link.’ As mentioned above, don’t click these links and instead go directly to the source whether it is your bank, eBay, PayPal or any other big brand company.
Credit Card – Call the creditor and request a new card to be issued with a new number. Some creditors practice this automatically and send a reissued card. Because the number, not the card itself was stolen, the consumer is not liable for any unauthorized purchases under the Fair Credit Billing Act.
Debit Card – Again, since the card was not lost but the number was used, you are not responsible for unauthorized transactions BUT, they must be reported within 60 days of receiving your statement. Still, yet, the card should be canceled and a new pin should be issued. A good safety measure is setting up a verbal password too.
Social Security Number – Contact 1 of the three major credit reporting agencies to have a fraud alert added to your account. That company is then required to notify the other agencies to do the same.
Review all accounts for suspicious activities. Placing a credit freeze on your account, will prevent a credit reporting company from releasing your credit report or score without consent.
Often times, when the breached company sends a letter it contains an offer for free credit report monitoring that the company provides. While, in general, it’s not worth paying for, it can be helpful because they will alert you quicker than you might notice on your own.
One of the most recent data attacks was against Anthem health insurance, which involved an estimated 80 million people. Experts warn that this may be part of a growing trend as medical fraud is unfortunately a booming business.