A data breach or data compromise is commonplace these days unfortunately. Avoiding a data thief isn’t always possible. Sometimes we feel storing yet another unique password is going to put us over the edge. So, we reuse one we can easily remember. Or we open that unknown email. We’ve shared ideas on preventing stolen data before. Now, let’s discuss how to best survive if your information has been compromised. ClickAway technicians are here to assist if you need them.
Change your passwords in the event of a data breach
This is obvious but changing your passwords as soon as you’ve spotted a sketchy purchase or behavior is key. It’s not uncommon for people to reuse the same password across multiple sites and services, and the hackers know it.
You really should be using a different strong password every time, and password manager apps can be a huge help. Once they’re installed, you can use them to create secure passwords that they save for later use. Of course, you must remember the single master password that gets you into the app.
Web browsers like Google Chrome and Apple’s Safari can automatically detect when one of your saved passwords was previously exposed in a hack or data breach. Apple’s iOS and iPadOS software also offers a security recommendations tool (Go to Settings -> Passwords -> Security Recommendations). This will show you all your vulnerable online passwords in one place.
Stay alert – where were you affected in the data breach?
If you have been part of a data breach, the breached company may send you a notice. Retain all documents and consider any suggestions they may have. Also, pay attention to and retain any mail you receive that is unfamiliar to you, such as notices from the IRS regarding your taxes or any bills from unknown lenders.
The first step to find out where else you were affected is to find out if your information was a part of the latest data hack. To do this, go to haveibeenpwned.com and see if your phone or email has been part of a data breach.
Use the right kind of two-factor authentication
It’s time to start adding another layer of protection. That’s where two-factor authentication comes in. The most common relies on text messaging. If you’ve ever been prompted to type in a code that gets texted to your phone when logging into a website or service, you have two-factor authentication set up – for that sight anyway.
This kind of authentication isn’t unbreakable, however. If someone has access your account with your wireless carrier, they could perform a SIM-swap attack. Once that happens, every text message that would normally be delivered to your phone would instead be directed to the hacker, security code included. If at all possible, use an app like Authy or Google Authenticator. Instead of relying on text messages, these apps can generate single-use codes to help you securely log into your accounts.
Monitor your financial accounts
Visit your online bank and financial accounts, and review or setup any alert features they may have. This could help save some time and keep you notified of any unusual events when they occur.
Monitor your credit reports
You can check your credit report for free once every twelve months by visiting AnnualCreditReport.com. Checking your credit report can help you identify any unusual activity, such as new accounts, new personal information, or inquiries. You can also freeze your credit if your social security number or other financial data was part of the data breach. Consider filing your taxes early to take precautionary measures and beat fraudsters to the IRS.
Start recovering your accounts
Once you’ve locked down your primary accounts, you can start trying to recover ones you may have lost control of. Many commonly used services offer a suite of tools to help you verify your identity and regain access to your accounts, but some make it easier than others. Here’s how recovery works on some of the services you might be using. If you need help recovering passwords, contact your nearest ClickAway.
The company will let you verify yourself by contacting other devices connected to that account. On Android phones, that means you’ll get a notification that you can tap “yes” on to prove you’re the account owner. If you’re using an iPhone or iPad, Google makes that verification message available in the Gmail app. If none of that works, Google will send a recovery email to a backup email address if you’ve specified one in the past. To start, go to accounts>sign in>recovery identifier.
Go to iforgot.apple.com if you think someone has your Apple ID. Apple will ask you to verify your phone number and then sends notifications to your other Apple devices to help you reset your password. Make sure you know your login password for your Mac, iPad and iPhone.
Start with “forgot password” and Amazon will attempt to confirm your identity by sending a verification code to your phone. If your phone was stolen, call Amazon customer service. They may ask you to upload a scan of your driver’s license to verify your identity.
Visit the company’s opens in a new windowaccount recovery site and type in the email address associated with your Microsoft account. You’ll be prompted to give Microsoft an account recovery code if you’ve already made one; if not you’ll have to fill out a short form that asks you to provide an alternate email you have access to. Microsoft will then send a four-digit code to that email address. Once you’ve verified the code, you’ll fill out another short form to start the recovery process.