I’ve just learned I’m a victim of a data breach. Now what?

So when I start writing most blog posts, I try to come up with an interesting blog title to grab your attention.  See above.  Check!  Next, I search the web for a great graphic (usually I Google it!) to add to the post.  For this post, I Google’d the phrase “data breach victim.”  Try Google’ing that and see what comes up.  I was hoping I might find a cartoon of a person looking defeated or scared.  Something witty by a cartoonist or journalist who could really capture what a data breach victim feels after learning his or her identity has been stolen.  But instead (spoiler alert!), what came up was a page full of brand marks of several of the largest corporations hit by hackers and data thieves in the last year or so. Here are just a few of the first ones that came up:

targetimage neimansimage michaelsimage anthemimage1 homedepotimageApparently, and quite properly, humor (and even sarcasm) are not the first reactions by anyone, including the cartoonists, when it comes to data breaches.  I scrolled through more than a hundred images (mostly breached company logos) before coming to one cartoon.  Serious stuff.

The first cartoon that came up kinda summed it up nicely, though:


You shop at a major retailer.  You work for a large corporation.  You are a client of an insurance company.  And you learn that the organization you shop at, your work for or who helps insure you that you trusted with your personal and/or financial information has been hacked.  You feel victimized.  You feel, well… exposed.  So what do you do next to protect yourself?

First, take a deep breath.  You may be frustrated, angry at the organization who you trusted to protect your data or wondering if your credit has been or will be compromised. Data breaches have become so common, that fortunately there are many resources to help you.

One of the most concise resources I found that summarized the steps you should take immediately, and then later if you do find your stolen data has been used is from the Federal Trade Commission (FTC).  There is a wealth of good information on the FTC’s page, including information about particular types of identity theft (medical, tax, children, etc.) and forms and sample letters to help you navigate various options to protect your information, or restore your identity if it has been harmed.  But assuming you have just learned that your information was involved in a data breach, here is the best way to get started according to the FTC:

Identity Theft

Identity theft happens when someone steals your personal information and uses it without your permission. It’s a serious crime that can wreak havoc with your finances, credit history, and reputation — and can take time, money, and patience to resolve.

What to Do Right Away

Immediate Steps to Repair Identity Theft

Here’s how to begin to limit the harm from identity theft.

What to Do Next

Extended Fraud Alerts and Credit Freezes

Placing both extended fraud alerts and credit freezes on your credit reports can make it more difficult for an identity thief to open new accounts in your name.

Repairing Your Credit After Identity Theft

Here are step-by-step instructions for disputing fraudulent charges and accounts related to identity theft.

Lost or Stolen Credit, ATM, and Debit Cards

Federal law limits your liability if your credit, ATM, or debit card is lost or stolen, but your liability may depend on how quickly you report the loss or theft.

There are many other great resources out there to guide you as well.  The Better Business Bureau, your State’s Attorney General (here is Connecticut’s) or Consumer Protection agencies, and the credit bureaus (Experian, Transunion, Equifax)  are great places to start from tips and road maps as well.