A data breach is an incident in which sensitive, confidential, or otherwise protected data has been accessed in an unauthorized fashion. Data breaches can reveal personal information, such as Social Security or credit card numbers, financial institution details, passwords, and other personally identifiable information. With that information, fraudsters can steal your identity. They can apply for credit or medical benefits in your name, or even file for your tax return. While a data breach doesn’t mean there’s a certainty someone will commit fraud in your name, it does increase the chance and puts you in a vulnerable position. If you do become a victim of a data breach, here are some steps you can take to lower the threat and keep your personal finances, credit score, and identity safe from criminals.
The first step in responding to a data breach is figuring out exactly what of yours was stolen or exposed. Maine, along with every other state in the U.S., requires affected companies to inform people if their information was accessed as a result of a data breach. Companies must tell you what happened and how it may impact you, but data breach notices aren’t always easy to understand. The notice can be vague or confusing. However, fully understanding what information of yours was exposed can help you be more strategic with your damage control. If you have questions or want clarification, contact the company that sent you the notice after searching for their official contact information. This can help you get the answers you’re seeking. Additionally, by searching for their official contact information, you can avoid falling victim to potential phishing attempts. Some cyberattackers will pose as the affected company and reach out to those affected by the breach in order to phish for more data.
If your password was compromised in a data breach, you should change it immediately. If you use that same password elsewhere, you should change it there as well. It’s a good idea to regularly change your password and create unique, strong passwords for all of your online accounts. If you reuse a password, data breaches can give fraudsters access to all the sites you use that password on. For example, if your password is “WickedG00dLobstah1” on both Amazon and Netflix, and Netflix.com experiences a data breach, the fraudster may take your username and password and plug it in to other sites. This is called “credential stuffing.” If they eventually try your credentials on Amazon, you’ll now have two compromised accounts instead of one. Change your passwords after any breaches and use different passwords for all of your online accounts. To further secure your accounts against fraudsters, enable two-factor authentication.
If your personal information was stolen during a data breach, you can contact the three major credit bureaus (Experian, TransUnion, and Equifax) to initiate fraud alerts and freeze your credit. By adding a fraud alert to your credit report, it will warn lenders that you may be a victim of fraud. This is an extra precaution and will let potential lenders know they should contact you before opening any new lines of credit in your name. You can also freeze your credit for free at each of the major credit bureaus. Freezing your credit prevents any new credit accounts from being opened in your name. Even if identity thieves have accessed all of your personal information in a data breach, they can’t open new accounts in your name if your credit is frozen. However, when your credit is frozen, even you can’t apply for credit. If you need a new loan or credit card, you’ll need to unfreeze your credit––which you can do anytime at no cost.
You can visit https://www.identitytheft.gov/ to help you navigate the situation in the event of a data breach. The website provides education and can help you understand your options on a recovery plan. If you become a victim, the earlier you fill out the identity theft report, the better. When you receive your completed report, you can send it to each of the credit bureaus to request the removal of any unauthorized activity.
One of the most important things you can do after a data breach is to remain alert and attentive. Monitor all of your accounts closely. Check your credit union account through online or mobile banking, and check your credit report. Federal law allows you to get a free credit report from each of the three main credit bureaus once every twelve months. If you see anything unusual, contact your credit union, the credit bureau, and fill out an identity theft report. By staying alert, you can catch any unusual activity before a fraudster can do too much damage.
For our members’ convenience, links are available in this website to allow quick access to other sites that may be of interest. Clicking on a third party link will take you out of Downeast Credit Union’s website to an alternative website not operated by DECU. The Credit Union is not responsible for the content of the third party website and does not represent either the third party website or the member if you enter into a transaction. Privacy and security policies of the website to which you are linking may differ from those practiced by DECU.
