If you are the victim of a data breach, time is of the essence. Whether your personal data has been compromised as part of a larger targeted cyberattack, or you are the victim of an individual cybercrime. You'll need to take immediate action to minimize the impacts. These are steps you should take within specified time frames after discovering your data has been breached.
Within the first 24-48 hours
- Call your advisor, regardless of where or how the breach occurred, so he/she can watch for any suspicious activity in your accounts and collaborate with you on extra precautions to take in verifying your identity prior to any fund transfers.
- Call the Social Security Administration's fraud hotline at 800-269-0271 if you suspect your Social Security number has been compromised. The Office of the Inspector General will take your report and investigate activity using your Social Security number. The Social Security Administration also provides helpful materials, such as the pamphlet Identity Theft and Your Social Security Number.
- Contact the Federal Trade Commission (FTC), either at www.identitytheft.gov, by calling 1-877-IDTHEFT (TTY 1-866-653-4261), or by visiting www.ftc.gov. Click on Report Identity Theft to access the Identity Theft Recovery Steps. This one-stop resource for victims of identity theft will guide you through each step of the recovery process, from reporting the crime to creating a personal recovery plan and putting your plan to action.
- Visit the IRS website https://www.irs.gov/uac/taxpayer-guide-to-identity-theft if you're the victim of tax fraud. You'll be able to access the Taxpayer Guide to Identity Theft, which provides education on tax-related identity theft, tips to reduce your risk, and steps for victims to take.
- Call all the financial institutions that you have accounts with. They can put a fraud alert on your accounts.
- If appropriate, close any compromised or unauthorized accounts. It may be a good idea to "clone" your existing accounts - create an identically titled copy of your existing account, move the assets over, then close the original account.
- Run reputable anti-virus/anti-malware/anti-spyware software to clean your computer. This will be helpful if a virus or malware were the source of the data breach.
- Once you've ensured your computer is virus/malware/spyware free, you should change passwords on your financial accounts. Make each password unique, long, and strong, and use two-factor authentication when available. See the excellent write ups below for more information on Two Factor Authentication (2FA) and Password manager.
Within the first week
- If the breach occurred at a firm with whom you do business, be sure to follow the legitimate directions provided by that firm. If it offers credit protection services, sign-up for the service.
- Report the crime to your local police, even though the incident may cross multiple jurisdictions. Your local police will file a formal report and may be able to refer you to additional resources and agencies that can help.
- Report your stolen money and/or identity to one of the three main credit bureaus. Provide the credit bureau with your police report number and ask them to place a fraud alert on your account to prevent additional fraudulent activity. Once the fraud alert is activated, the two other credit bureaus will receive automatic notification and the fraud alert on your credit report will be in place for seven years with all three credit bureaus. (Without your police report number, the alert will only be in place for 90 days.
- Put a freeze on your credit report with each of the main credit bureaus to prevent the unauthorized opening of accounts. Executing a freeze with one credit bureau will NOT automatically update the others. You can easily unfreeze your credit report when needed. Contact the credit bureaus using this contact information for freezes.
- Review all recent account statements for unauthorized activity and report any suspicious transactions to the business where the unauthorized or suspicious activity occurred.
- Consider what other personal information (e.g., birth date, social security number, PIN numbers, account numbers and passwords) may be at risk and alert the appropriate businesses.
- Begin collecting and saving evidence such as account statements, canceled checks, receipts, and emails that may be useful if an investigation is warranted regarding the cybercrime.
For more information on contacting the Credit Bureaus and putting a freeze in place, see this article: Massive Equifax security breach - What you need to know, what you need to do
Within the next 30 days and beyond
- Carefully review statements on all accounts as soon as they arrive. Look for unauthorized activity, and report any suspicious transactions to the business where the unauthorized or suspicious activity occurred.
- Notify your friends, family, business associates, and other relevant parties in your contact list that you were hacked. Tell them to beware of emails that may have been sent to them from your account.
- Speak with your advisor regarding precautions you'll jointly take to enhance the identity verification process when you want to execute financial transactions.
- If you're a victim of Social Security fraud, go to www.socialsecurity.gov/myaccount and create an online Social Security account. This will enable you to access and review your statement online and verify its accuracy.
- Request a credit report every six months to check for unauthorized activity. It will NOT affect your credit score.
The most important thing is to act quickly. However, from this point forward you are going to need to be diligent, taking precautions in order to prevent further security incidents.
Have questions? Don't hesitate to call us at 408-688-0888