My Account May Have Been Hacked—What To Do Now?
You may have seen it on the news recently; 7 million Dropbox usernames and passwords were allegedly stolen. Initial reports were that the Dropbox service itself had been hacked; however, the company issued the following statement on their blog:
The usernames and passwords referenced in these articles were stolen from unrelated services, not Dropbox. Attackers then used these stolen credentials to try to log in to sites across the Internet, including Dropbox.
Regardless of where the leak originated, this is something we see all too often in the tech and business headlines lately. High profile businesses such as major retailers and restaurant chains, ones a lot of us interact with regularly, have had Point of Sale (POS) data breaches over the past several months.
So, what do you do if you see on the news that a service you use or that your favorite restaurant has fallen victim of a data breach?
First Things First—What To Do Immediately
- Determine which kind of data breach your information was involved in. In the event of an online data breach, there’s a possibility that your online credentials, such as your username and password, might have been stolen, whereas POS data breaches tend to steal your credit card numbers.
- If it was a POS breach from a restaurant or store that you have made a purchase with, check your bank and credit card accounts for suspicious activity.
- Monitor any notices from the vendors you use. Once a vulnerable vendor has communicated to customers that they should change their passwords, users should do so.
- Avoid potential phishing emails from attackers asking you to update your password. To avoid being tricked into going to an impersonated website, stick with the official site domain.
- You may also want to change other passwords, if you tend to re-use passwords over several properties, particularly those linked to email accounts or those with sensitive personal or financial information. It is also very important to check your bank and credit card accounts in this scenario as well.
- If you do see suspicious activity, contact your bank or financial institution as soon as possible, and notify them of the questionable transaction. Be sure to inform them that your credit card was used at one of the breached institutions.
In The Interim
- Continue to closely monitor your bank and financial accounts. Sign up for text and email transaction alerts if your bank offers them. It may seem that you are safe after a few weeks; however, it may take months for thieves to actually use the stolen credit card information.
- Contact the company that had the data breach. They may be able to tell you exactly what type of information was leaked and they may have some policies in place to help you keep your personal information protected.
For the Long Haul
- Many large businesses will proactively offer customers potentially affected by a data breach a free year of credit monitoring. Check with the institution that had the breach to see if they offer any services.
- Use secure passwords and two-factor authentication whenever possible.
Even though these data breaches are starting to become too common of an occurrence, there are ways to stay protected. Luckily, anti-fraud laws will protect you against purchases you did not make. It is just up to you to be diligent about monitoring your accounts in the event that you do become a victim of one of these breaches. As long as you report any fraudulent activity using the methods mentioned in this article, you should be in the clear.