Skip to main content
Clear icon
49º

What to do after a data breach -- and how to protect yourself from one

It seems like there’s always news of another data breach, like the recent one at a huge data broker that could potentially affect tens of millions of us.

Whether you’ve been a victim or want to proactively protect your personal information, Consumer Reports explains what you can do now before the hackers strike.

Like many of us, Consumer Reports Tech Editor Nicholas De Leon knows how it feels to be the victim of a data breach. His advice is, first, don’t panic. His Social Security number was stolen in the big Equifax hack, and he eventually sorted everything out.

One important step De Leon took was freezing his credit at the big three credit agencies; a move CR generally recommends since it can help prevent criminals from opening new accounts in your name.

The thing is, anytime you need credit — say you’re going to rent an apartment or you’re going to buy a new phone — you’ll need to unfreeze your credit to do so. You can do all of this by simply calling the credit agency and asking them to freeze and unfreeze your credit as needed.

A less restrictive option is contacting the credit agencies to put a fraud alert on your credit. This alerts lenders to take extra steps to verify someone’s identity because their personal information may have been compromised.

It’s also a good idea to keep an eye on your free weekly credit reports, credit score and credit card statements. If you notice any unauthorized charges on your credit card statement, you should immediately contact the issuer.

Finally, if you’re a victim of a data breach, be sure to change your password, not only on your hacked account but also anywhere else you’ve used it.

And a pro tip: Instead of reusing passwords in the future, consider using a password manager.

They generate and store unique, complex passwords for each of your accounts. Many will also alert users if their password was leaked in a data breach, including CR-recommended password managers from 1Password, Dashlane, and Keeper.

CR also suggests getting rid of any online accounts you no longer use since having too many digital accounts increases the risk of your data being misused or stolen.