19 First Steps To Take When Your Personal Information Is Compromised

Aug 29, 2024

As data breaches become increasingly common, anyone should be prepared to take decisive and swift action when they learn their personal information has been compromised. The initial steps you take can determine how well the situation is managed and how your information will be protected in the future.

Here, Forbes Finance Council members share insights and recommend the first actions to take when personal information is breached. These tips can help minimize damage and protect your information from future compromises.

1. Change Your Passwords

Stay calm! A good place to start is by placing a credit freeze with the three major credit bureaus: Equifax, Experian and TransUnion. This will prevent anyone from opening an account in your name. Next, you should change passwords for your financial institutions. You should ensure that the password changes are done on a secure device—a VPN may help to add an additional layer of security. – Zach Brody, Lumiere Financial

2. Set Up Multi-Factor Authentication

Change your ID and password and add multi-factor authentication if you do not already have it. Your credit reports should always be locked except for the brief window when applying for credit. That stops the bleeding. Now it’s on to clean up—contacting impacted parties (including law enforcement—police and the Internet Crime Complaint Center—if needed). – Don Cardinal, Financial Data Exchange

3. Identify Threats Based On What Data Is Compromised

Identity threats vary based on the type of personally identifiable information stolen, so asking a breached company what was taken is a priority. Each type of PII carries different risks: Stolen SSNs can help open fraudulent loans while medical records can give illicit access to medications. The data stolen determines what response will be most effective, from freezing credit to setting alerts. – Lindsey Downing, TransUnion

4. Request New Credit Cards

Hopefully, your personal information is never compromised but, if it happens, the first thing to do is immediately freeze credit cards and debit cards, change passwords to all financial institution logins and freeze credit score inquiries. Then, if physical cards are misplaced, lost or stolen, request the card providers to send you new cards. Keep monitoring your credit score inquiries. – Hitendra Patil, Datamatics Business Solutions, Inc.

5. Report Activity To Your Bank

The first thing you want to do is contact your bank and report what has happened. They can take proactive measures to help prevent unauthorized transactions and monitor your accounts for suspicious activity. It’s also important to place a fraud alert on your credit reports. You can do this by contacting one of the major credit bureaus (Experian, TransUnion or Equifax). – Frankie DiAntonio, Lexington Capital Holdings

The video player is currently playing an ad. You can skip the ad in 5 sec with a mouse or keyboard

Forbes Finance Council is an invitation-only organization for executives in successful accounting, financial planning and wealth management firms. Do I qualify?

6. Focus On Protecting What Was Stolen

When someone realizes personal information has been compromised, such as the AT&T breach, focus on protecting the data that was stolen. So if it is an email hack, change the password on the email; if it is a phone number that was hacked, consider changing the phone number; if a credit card was hacked, get a new credit card number. – Loreen Gilbert, WealthWise Financial Services

7. Remain Calm And Track The Situation

The first step a consumer should take once they realize their personal information has been compromised is to remain calm and quickly assess the situation. Then quickly change your passwords immediately and opt in for two-factor authentication as well. Let your banks and financial institutions know as well. And continue to monitor. – Bob Chitrathorn, Wealth Planning By Bob Chitrathorn of Simplified Wealth Management

8. Use A Service To Monitor Your Credit

Change your primary banking passwords and implement a credit monitoring tool. Your bank or credit union likely has a free tool attached to your account and your credit card company may have one as well. If those aren’t available, there are services like Credit Karma you can use to monitor your credit. – Kathleen Craig, Plinqit

9. Freeze Credit Bureau Accounts

Change all your passwords to any important accounts. Set up two-factor authentication on all your important accounts to keep it from happening again. Subscribe to a service that monitors your credit and alerts you of any changes. You may also go and freeze all your your credit bureau accounts. – Zachary W. Herzog, Wolfgang Capital LLC

10. Contact An Attorney

The best first step is to put safeguards in place before an information breach occurs. At the very least, this ensures you’ll have a competent partner to help you navigate the process of repairing the situation. However, if this has already happened, it may be wise to contact an attorney specializing in this field to ensure your rights are protected. – Ryan Loynd, BrightGuide Financial

11. Take Note Of Any Unfamiliar Transactions

After freezing accounts, changing passwords and notifying financial institutions, check all your accounts online to see if anything looks amiss. See if any charges have been made that are not recognized and see if the credit agencies are reporting any new accounts opened in your name. Check your bank and financial account to see if any money movements that you do not recognize have been made. – Aviva Pinto, Wealthspire Advisors

12. Set Up Fraud Alerts

With fraud on the rise, many banks offer tools like suspicious activity alerts and card lock features to help protect customers against fraud. If fraud is suspected, consumers should contact their bank immediately so that banks can help investigate and offer guidance, including setting up fraud alerts with credit agencies and filing reports with the police, governing bodies like the Federal Trade Commission and more. – George Gresham, Green Dot Corporation

13. Lock Down Your Profile

This happens too often and is increasing daily. First, stop the threat and lock down your profile. Contact the credit bureaus to place a freeze on your credit to prevent fraudulent accounts from being established. Utilize multi-factor authentication for online accounts for bank accounts, credit cards, utilities or any institution that has access to your personally identifiable information. – David Kelley, Diesel Laptops

14. Contact Credit Card Companies

Contact your bank and credit card companies immediately to report the breach and prevent unauthorized transactions. This step helps secure your accounts and allows the institutions to monitor for suspicious activity. – Thomas Hartmann, Funded Unicorn GmbH

15. Notify Company Where Data Is Stored

In financial services, data security is paramount. If a customer’s data is compromised, whether physically or digitally, the first step should be to notify the company where the data is stored or used. Additionally, the customer should change passwords and other sensitive information in all other applications. – David T. Nudelman, Scandinavian Capital Markets

16. Stay Up-To-Date On Security Practices

Immediately change passwords, enable multi-factor authentication, monitor financial statements, notify financial institutions, report to authorities, place fraud alerts, consider a credit freeze and stay informed on security practices. – Sumeet Grover, Alliant

17. File A Report With The Federal Trade Commission

Consumers ought to submit a report to the Federal Trade Commission (FTC) using their IdentityTheft.gov website. This stage initiates a recovery strategy and provides tailored guidance for the client to follow, outlining additional measures based on the type of compromised information. – Neil Anders, Trusted Rate, Inc.

18. Request New Account Numbers

The first thing to do when personal data is compromised is to quickly reset the passwords on all impacted accounts. Next, make a request for new account numbers from financial institutions. Keep an eye on accounts to make sure no illicit transactions occur. Promptly implementing these measures serves to mitigate harm and prevent additional security breaches. I have personal experience with this. – Gomathy Periathiruvadi, Alita Systems

19. Accept Any Assistance Offered By The Company That Was Breached

Accept the credit assistance offered and follow the instructions. Put a fraud alert on your accounts with credit bureaus. Freeze your credit cards, especially the ones that are not used regularly. Have debit cards re-issued by banks. Scrub your automatic bill pay arrangements, as new and frozen cards will affect this. Be vigilant. – Cynthia Hemingway, Fourlane, Inc.

The information provided here is not investment, tax, or financial advice. You should consult with a licensed professional for advice concerning your specific situation.

Disclosures:

Securities and advisory services offered through LPL Financial, a registered investment advisor, Member FINRA/SIPC. WealthWise Financial Services and LPL Financial are not affiliated with any other referenced entities. The opinions voiced in this material are for general information only and are not intended to provide specific advice or recommendations for any individual.