Skip to content

What To Do If You’ve Been Part of a Data Breach


These days, it seems like data breaches happen so frequently consumers can hardly keep up. Almost every week there are headlines about another company that’s been breached.

What should you do if you have an account with one of these breached organizations, and your information has been exposed?

When you hear about a data breach you think you might be involved in, you should act quickly to secure your digital accounts. This guide covers what kind of information could be exposed in different types of data breaches. It also provides a list of actions to take following a data breach to secure your information.

Absolutely Doable and It's Free.

Types of data breaches

The type of data breach may dictate how you respond. Common types of data breaches and the possible information that could be exposed are:

  • Breaches of banks and financial institutions: This kind of breach could expose banking info such as your credit and debit card numbers or account numbers. It could also expose your name, address, birth date, email address, credit score, payment history, and even your Social Security number.
  • Breaches of medical facilities: If a hospital, clinic, or other healthcare facility experiences a data breach, it could expose your Medicare or insurance policy numbers, medical treatment history, prescription information, billing info such as credit card account numbers, and your Social Security number.
  • Breaches of government agencies: If a government organization is hacked and has a data breach, it could expose your Social Security number or information related to tax payment and voter registration.
  • Breaches of entertainment companies: Video game vendors and event ticketing services are often targets of cybercriminals in the entertainment sector. Hacks of these companies could reveal names, phone numbers, addresses, or banking info. They could also infringe on your privacy, as was the case with the Fortnite hack in 2018.
  • Breaches of educational institutions: Schools and colleges collect personally identifiable information about their students, including names, birth dates, addresses, driver’s license numbers, Social Security numbers, bank account numbers, or university ID numbers.

Steps to take if you were involved in a data breach

1. Confirm the breach occurred

Before doing anything, you should confirm that there was, in fact, a data breach. A common phishing scam is sending out an email that looks like it’s from a company you have an account with, saying there’s been a breach or a problem with your account. It will say you need to click a link to log in. If you get an email like this, never click any links. Instead, contact the company directly or search for news stories to confirm the breach.

2. Scan your computer/device for viruses

It’s possible you may have logged into the breached company’s account before you realized they were hacked. If your information was exposed, hackers may have already tried to use it. Run a malware scan on your computer, smartphone, or any device you use to access the accounts of the hacked company.

3. Determine which information was stolen

Once you know the breach has occurred, you need to figure out which information is potentially exposed. Depending on the type of breach, this information may vary. If it was a healthcare facility, you can probably assume your health info is at risk and start securing it. If you find a news story about the breach or contact the company to confirm, you’ll likely learn what information was exposed.

4. Reset all your passwords

Change the passwords on all your online accounts — even those that you think may not be involved in the breach. If the account uses your email address, name, or any other sensitive information that could identify you, it needs a new password. This is also the chance to strengthen your passwords and use something harder to crack than [email protected] If you don’t already use a password manager, now is the perfect time to start.

5. Review your digital accounts

As you’re going through each of your accounts to change passwords, delete any old accounts you no longer use. The less information about you on the web, the better. If you’re deleting an account that has uploaded files such as documents, photos, or videos, delete all those files from the account first, then delete the account.

6. Contact the hacked company and take further actions

Changing your passwords is a good step, but you may also need to reach out to banks, doctor’s offices, credit bureaus, universities, or whoever has your information to further protect yourself. It may also involve canceling credit cards, putting a freeze on your account, initiating a fraud alert, or asking for copies of medical records.

7. Keep monitoring your accounts

After you’ve reset your passwords and contacted the relevant companies about the breach, your work is still not done. Continue to monitor your accounts for suspicious activity. Be on the lookout for more phishing emails than usual or transactions made in your name.

How do you know if you’ve been part of a data breach?

Reading about a data breach in the news is one way to learn about it, but that’s a little passive. To keep your information secure, you should actively check if you’ve been part of a data breach. has a data breach checker, which will allow you to see if your information has been compromised. All you have to do is enter your email address.

Learning your information is involved in a data breach can feel stressful and overwhelming. As long as you act quickly and take the proper steps to secure your data, you may be able to minimize the damage.

To learn more about data breaches, you can also listen to the Easy Prey podcast episode with Troy Hunt, a web security expert and educator who created the data breach search tool Have I Been Pwned?

Related Articles

  • All
  • Easy Prey Podcast
  • General Topics
  • Home Computing
  • IP Addresses
  • Networking
  • Online Privacy
  • Online Safety
  • Uncategorized
scam texts

ALERT: Scam Texts, the Latest Dirty Trick!

You need to be up to speed on "smishing," the text message trick scammers use to capture...

[Read More]
Zelle payment scams

It’s not a Zelle Scam, Just Scammers Who Want You to Use Zelle

Beware of any calls you get to talk about Zelle and fraud, even it's from your "bank."...

[Read More]
Roy Zur talks about human factor cybersecurity and why it's essential for business.

Human Factor Cybersecurity: A New Approach for Business

Cybersecurity isn’t just for cybersecurity professionals or people who understand code. Employees at any level can let…

[Read More]
Cameron Huddleston talks about how to protect elderly parents' finances.

Protect Elderly Parents’ Finances from Scams and Exploitation

As you watch your parents get older, it’s easy to begin to worry about them falling for…

[Read More]
Jack Whittaker goes behind the scenes of scam sites.

Scam Sites and the Scam Economy

When you find a scam website – or worse, fall for a scam – you’re not thinking…

[Read More]
It's important to be aware of student loan forgiveness scams!

Student Loan Forgiveness Scams: Red Flags to Watch Out For

On August 24, President Biden announced a three-part plan to help middle- and working-class people with student…

[Read More]