I have been hacked, now what? 

If you have been notified that your Work or Personal Information was exposed to a data breach, follow the steps below:  

  1. Immediately reset all your passwords – While this may be tedious, it is also the quickest way to remediation.  Do not reuse any previous passwords.  Consider using a password manager for password creation and changes. 
     
  1. Add a Security Fraud Alert to your Credit Reports – This will help to freeze your accounts and to prevent any further compromises with your accounts.  

Data breaches are incidents where confidential information is stolen from a company or a person.  If you ever receive notice that your data has been compromised in a data breach; it is extremely important to act quickly to secure your accounts and take preventative measures against fraud.  The two biggest things you should do is to: 
 

  1. Enable Two-Factor Authentication (2FA) – If you haven’t already, enable 2FA wherever possible. This adds an extra layer of security by requiring a second verification method (such as a text message or authentication app) in addition to your password.  
  1. Reach out to your financial institutions to freeze your accounts.  
  1. Quickly Assess the Situation and assume the worst.  You will need a level head to start thinking through the implications and potential worst-case scenarios: 
     
  • Did you reuse any passwords elsewhere?  If so, you should reset those  passwords as well.  If you are not sure, just reset the password as a precaution; and with a unique password that you have never used. 
     
  • Did you notice any changes to any of your accounts? If so, consider the account compromised and ensure that the password has been updated. 
     
  • Ensure that changed Passwords are strong.  Passwords should be no less than a length of Twelve using  a mix of characters, upper, and lowercase,  numbers, and symbols. The more characters the stronger.  Either use your Password Manager or utilize a Passphrase Generator to create a strong password easily with Free Password Generator | Create Strong Passwords | Bitwarden; or your favorite Password Generator.   
     
  1.  Scan your devices for Malware. Run a thorough Antivirus/Malware scan on all of your devices.  Make sure that the Operating Systems and applications have current patches. 
     
  1. Monitor your accounts closely for the next several months or more.  Accounts include all your email, financial accounts, social media accounts, and any online accounts impacted.   
  • Let your family and friends know that you have been hacked so they can be aware that some of the accounts may have been hacked. 
     
  • Consider using an Identity Monitoring Service.  
  1. If your information was exposed to a data breach, the breached company will likely notify you.  If a breached company operates in the United States, the company is required by US Law.  If you live in Illinois, Illinois Law (815 ILCS 530), is to notify you of the breach and personal information that may have been collected. 

To Find out what has been compromised, Consider using  Have I Been Pwned?. or a similar web site or application to see what accounts were affected, or are at risk.  Simply type your email address or copy and paste an email address in the “pwned?” field to see what has been compromised by the account.    
 
 

“Have I Been Pwned” will provide known items that your information has been expsosed to, and what systems were affected.  If you feel that you had any sensitive information within the items in  your search may find, you should assess the account sensitivity of the type of data and accounts used.  Any time that you receive a compromise email from a vendor or a new search in “Have I Been Pwned”, change that password.    

Exposure of your personal information in a data breach is a downside to the convenience of the Internet, digital transactions, and e-commerce. It’s wise to be prepared in case it happens to you, and to act quickly if it does to minimize the potential damage. 

If you’re the victim of a breach, take a breath, try not to panic, and follow the steps above. If you confirm your data has been stolen or misused, act immediately and report the matter to appropriate authorities. 

Most of all, Learn from the experience. 

 
Learn More About Data Breaches and Remediation (From Experian) 

  • What Is a Data Breach? 
    A data breach is the theft of personal information from an organization’s digital records. Here’s how a data breach may affect you. 
     
  • How to Freeze Your Credit 
    Request a credit freeze online or by mail from each of the three national credit bureaus to limit most access to your credit reports indefinitely. 
     
  • How to Place a Fraud Alert 
    It’s quick and easy to add a fraud alert to your credit report, notifying lenders to confirm your identity before processing applications for loans or credit. 
     

By Dave Broucek, Trusted Advisor and Cybersecurity

Net56-Logo-Tech-Services

Categories:

Tags:

Comments are closed