Unfortunately, data breaches occur often. Even if you are taking all the necessary precautions to avoid them, they can still happen. Therefore, it is important to have a plan of action to follow in the event of a data breach. A recent itnews.com article suggests how to best deal with a data breach and avoid catastrophic monetary loss and/or identity theft.
Step 1: The first thing you will want to do is figure out exactly what information was stolen. Once you figure out what was taken (usernames, passwords, credit card information etc.) your next course of action will be determined by step 2.
Step 2: Determine whether the hackers will be able to use the stolen data. If your data is in the form of cleartext, then chances are the data will be decoded easily. However, if it has been hashed, salted, or encrypted, there is a chance that although the hacker has stolen your data, it will not be able to be decoded and is therefore useless to the hacker.
Step 3: Change your password. This should be done whether your data is usable or not. If you are using the same password across multiple sites now is the time to stop doing that. At this time, you should also consider using a password manager such as LastPass and enable two-factor authentication on any accounts that will support it.
Step 4: If you don’t already have one, create a dedicated password recovery email. Be sure this email doesn’t hint at your identity at all. For example, a good recovery email address would be something like email@example.com, while a bad one would be one that contains your name or initials such as firstname.lastname@example.org.
Step 5: If your credit card information was stolen, contact your credit card provider and get a fraud alert on your credit card with the three major credit bureaus. Consider putting a credit freeze on your records to prevent the hacker from using your information to open any credit cards in your name.
Step 6: Determine who you need to report the data breach to. In many states, there are laws which require you to report certain data breaches.
Don’t panic, for data breaches occur frequently. If you have been taking the necessary actions to protect your information, a cybercriminal can only do so much; if anything at all, with your data. If you experience a data breach or have any questions about a plan of action to take in the event of one, don’t hesitate to give us a call here at OptfinITy at 703-790-0400 or visit us on our website at www.optfinity.com.