So, have you received a letter, email or other notification that you might be affected by a recent cyber security breach?
Did you get a sick feeling in the pit of your stomach?
Depending on what website, government agency or financial institution has been breached will depend of what amount of your personal information has been put at risk. But no matter what entity it is that has been breached, the most important question is…
What do you do now?
Before we get into some steps you can take to protect yourself, if you haven’t already read our articles on Online Safety & Online Security as well as How Data Breaches Can Put Your Information at Risk, please take some time to do so.
It will give you a great base level of knowledge which will help you better understand our future articles delving more deeply into several areas related to your Online Safety & Online Security.
You can read them here:
User Notification Delays
Once you’ve recovered from the shock that the entity you entrusted with your personal data has violated that trust by allowing it to be hacked… or even worst, they sold it to the highest bidder…
Now you’re getting even more bad news…
What you don’t know is, and if you’re lucky it will be spelled out somewhere in the notice you just received…
You’re already starting from behind!
Let’s examine… we’ll use the ‘Good News vs Bad News’ analogy…
Let’s start with the ‘Good News’ (if there actually is ANY SUCH THING in this situation). The Silver Lining in the news you’ve just received, is that MOST companies don’t store all of your data together in the same databases.
So, while some of your personal information may have indeed been compromised, it may only be a small portion; hopefully not your Personal Identifying Information (PII).
So, how will you know what information has been compromised?
Generally speaking, the type of information that was compromised is usually included in the notification you receive. So, this gives you some ability to begin to put proper measures in place to mitigate the potential damage.
Now for the “Bad News’ – right now you’re probably like… “some hacker has my personal info, what more bad news is there?”
Well, we’re sorry to say, that many times when these data breaches occur, users are not the first to know… or the second… or the third… we think you get the idea.
Most often a considerable amount of time has passed between the actual breach occurring and the time that users or even just the public at large, are notified.
How much time are we talking?
Well, honestly, the time frames vary greatly depending on the entity that was breached and the total scope of the breach, but it’s not an exaggeration to say that months – at least – have passed.
Why is this?
Well any number of reasons… but the least obtrusive and vulgar ones include…
They were taking time to secure their network to prevent any further incursions
They were taking time to survey the extent of the breach
They were deciding the best way to notify their users
They were preparing resources to assist the users whose information was compromised Like we said… these are the more ‘palatable’ reasons for notification delays…
Personal Data Protection
Taking steps to protect your personal information and data online should begin long before the first mouse clicks to anything you’re going to do online. But sometimes, even after you have taken preventative steps, the unthinkable can happen.
If you’re personal data is compromised, there are steps you should take to help reduce further damage. While this is not meant to be an ‘all inclusive’ list of steps to take, these should be considered reasonable for the situation.
Here are some steps you can take if you’ve been the victim of an online data breach:
Confirm If and What Data Was Accessed
In the cases of some recent breaches we told you about, you may have given your information to one or more of these, but that doesn’t definitively prove that it was YOUR data that was compromised.
What does that mean?
Well, for example, if you happened to use your credit card when you ate at one of the restaurants that are part of the Earl Enterprises data breach, that doesn’t necessarily mean that YOUR SPECIFIC credit card information was compromised.
In this situation, even if your info may not have been part of the breach, it still makes sense to take precautions to limit any further damage to you and your finances.
Further, different companies require you to divulge different types of information. However, the most common pieces of information that is required is your name, email and password info.
This presents some unique options and issues. So let’s break that down…
Your name… all things being equal, your name IS your name. There isn’t much you can do about it, especially if the place you’re doing business with legitimately needs that piece of information. For those websites where KYC may not be a thing, then perhaps you have the option of using a false name.
Your email address, while it is a personal identifier, you certainly have a few different options. For example, you can use a different email for different types of online activities. You can also use encrypted email options.
Read More About Encrypted Email Here
Then there is your password. This is probably one of the most common points of failure when it comes to online security.
Given our lives today, it’s understandable… we need to use passwords for EVERYTHING we do today.
This makes life difficult as best… how do you accurately remember all these passwords?
Most people accomplish this by reusing their passwords. Others of us use the same password and add an exclamation point at the end. When hackers get their hands on some of your information, testing these options is among the first things they try to gain access to your accounts.
There are a number of password options. There are password managers for example.
Read More About Secure Password Options Here
Contact Your Bank
If your card or bank information is stolen, contacting your financial institution is imperative. While most banks already have fraud protection measures in place, letting them know that your information may have been compromised can ensure your account gets extra attention.
Perhaps consider cancelling that credit card and having your bank issue another is the way to go.
Another option to consider is getting a prepaid credit card that you use in place of your bank card. This provides an additional level of security where the only money a hacker can get is what you placed on the card.
Monitor Your Information & Accounts
Frankly, this final suggestion is probably something that is a good practice to do on a consistent basis whether or not you’ve been the victim of a breach. By keeping an eye on your accounts regularly increases the chances that you will notice any fraudulent activity quickly and thus allow you to take the necessary measures immediately. There are credit and information monitoring options available for your use.
Pulling Your Options Together
Becoming the victim of an online data breach is on the rise. However, suffering the adverse affects from it can be minimized in most cases. Taking a proactive approach to your online privacy & security is certainly best, but if you still become a victim, taking steps to protect yourself only makes sense.
By using various email accounts as well as using encrypted email you can control any accounts that may become part of an online data breach. Couple this will using strong, unique passwords and you can significantly help protect your security online.
After you know your information has been compromised, taking steps to reduce the possibility of further damage and perhaps proactively monitoring your information can keep damage to a minimum.