Security | May 11, 2026 | 8 min read

What to Do If You Receive a Data Breach Notification


By Sarah Chen

Head of Privacy Research


A letter or email arrives telling you that a company you trusted with your personal information has been breached. Your data -- maybe your Social Security number, financial details, or medical records -- is now in the hands of unknown actors. The good news is that a breach notification is not a death sentence for your identity. What you do in the next 48 hours can make the difference between a minor inconvenience and months of identity theft recovery. Here is exactly what to do, step by step.

First, Verify the Notification Is Legitimate

Before you click any links or call any numbers in a breach notification, confirm it is real. Scammers frequently impersonate breached companies to phish for even more of your data.

  • Do not click links in the email or letter. Instead, go directly to the company's official website by typing the URL into your browser.
  • Call the company using a phone number from their official website or your original account paperwork -- not a number provided in the notification.
  • Check news sources for reports about the breach. Major breaches are widely covered by reputable outlets.
  • Look for official details on the company's website, often under a dedicated incident response page.

In the United States, all 50 states have data breach notification laws requiring companies to notify affected individuals. These notifications typically arrive by postal mail, email, or both. Legitimate notifications will include specific details about the incident -- vague or generic warnings are a red flag.
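The first bullet above can be made mechanical. The script below, an added example that is not part of this article and not PrivacyOn code, pulls every link out of a notification email and checks where each one actually goes against the company's real domain, which you take from your own records rather than from the message. The sample email, the domain example-bank.com and the "last two labels" approximation of a registrable domain are assumptions for illustration; a production tool would use the Public Suffix List.

```python
"""Flag links in a breach-notification email that do not lead to the company's own site.

Added example for this article (not PrivacyOn code). The email HTML and the
official domain "example-bank.com" are constructed for illustration.
"""
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample notification: one genuine link, one lookalike host that
# embeds the real domain, and one digit-substitution lookalike over plain HTTP.
SAMPLE_EMAIL_HTML = """
<p>We are writing to inform you of a security incident affecting your account.</p>
<p>Incident details: <a href="https://www.example-bank.com/incident">example-bank.com/incident</a></p>
<p>Enroll in free monitoring: <a href="https://example-bank.com.secure-enroll.net/start">https://www.example-bank.com/enroll</a></p>
<p>Questions? <a href="http://examp1e-bank.com/help">Contact us</a></p>
"""

# Assumption: the company's real registrable domain(s), taken from your own
# records or a bookmark, never from the notification itself.
OFFICIAL_DOMAINS = {"example-bank.com"}


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs for every <a> tag in the HTML."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registrable_domain(host: str) -> str:
    """Approximate the registrable domain as the last two labels.

    Simplification: this does not know multi-label public suffixes such as
    co.uk; a real tool would use the Public Suffix List.
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def check_links(html: str, official: set) -> list:
    """Return one finding per link with the reasons it looks suspicious, if any."""
    parser = LinkExtractor()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        parsed = urlparse(href)
        host = (parsed.hostname or "").lower()
        domain = registrable_domain(host)
        reasons = []
        if domain not in official:
            reasons.append(f"destination {domain!r} is not an official domain")
        for real in official:
            # "example-bank.com.attacker.net" contains the real domain as a label prefix
            if domain != real and real in host:
                reasons.append(f"official domain {real!r} embedded in lookalike host {host!r}")
        # Visible text that looks like a URL but points somewhere else is a classic lure.
        shown = urlparse(text if "://" in text else "https://" + text).hostname or ""
        if "." in shown and registrable_domain(shown) != domain:
            reasons.append(f"link text shows {shown!r} but href goes to {host!r}")
        if parsed.scheme == "http":
            reasons.append("plain http link")
        findings.append({"href": href, "text": text, "host": host,
                         "suspicious": bool(reasons), "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in check_links(SAMPLE_EMAIL_HTML, OFFICIAL_DOMAINS):
        print(("SUSPICIOUS" if f["suspicious"] else "ok        "), f["href"])
        for r in f["reasons"]:
            print("            -", r)
```

Run against the constructed sample, the first link passes and the other two are flagged: the enrollment link hides a different registrable domain behind text that reads as the bank's URL, and the help link is a one-character lookalike served over plain HTTP. Even a clean result is not proof of legitimacy; it only removes the obvious fakes, so still reach the company through a bookmark or a number from your own paperwork.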

Key Information to Look For

Every legitimate breach notification should tell you: what specific data was exposed (SSN, financial accounts, medical records, passwords, email addresses), the date the breach occurred and when it was discovered, what the company is doing about it, and what free services they are offering you such as credit monitoring or identity theft protection. Save this letter -- you may need it later for insurance claims or class action lawsuits.

Immediate Steps: The First 48 Hours

Once you have confirmed the notification is real, take these actions as quickly as possible. The faster you respond, the less time criminals have to exploit your exposed data.

1. Change Your Passwords Immediately

Start with the account at the breached company, then change the password on every other account where you used the same or a similar password. Attackers take the credential lists from one breach and try them against other sites (credential stuffing), and a variant such as adding a digit or a year does not protect you. Use a long, unique password for each account, at least 12 characters; length and uniqueness matter more than a forced mix of symbols. A password manager makes this manageable.

2. Enable Two-Factor Authentication

Turn on two-factor authentication (2FA) on every account that supports it, starting with your email, banking, and social media accounts. Use an authenticator app rather than SMS when possible, since phone numbers can be hijacked through SIM-swapping attacks.

3. Freeze Your Credit at All Three Bureaus

If your Social Security number was exposed, freezing your credit is the single most important step you can take. A credit freeze prevents anyone from opening new accounts in your name. It is free by federal law and does not affect your credit score.

Contact each bureau directly:

  • Equifax: equifax.com/personal/credit-report-services or call 1-800-685-1111
  • Experian: experian.com/freeze or call 1-888-397-3742
  • TransUnion: transunion.com/credit-freeze or call 1-888-909-8872

You can temporarily lift the freeze whenever you need to apply for credit, then re-freeze it afterward. This is one of the most effective defenses against identity theft.

4. Place a Fraud Alert

In addition to a credit freeze, place a fraud alert with one of the three credit bureaus -- they are required to notify the other two. A fraud alert tells creditors to take extra steps to verify your identity before opening new accounts. An initial fraud alert lasts one year and is free.

Monitor Your Accounts Closely

For at least 90 days after a breach notification, increase your vigilance on all financial accounts.

  • Review bank and credit card statements weekly for unauthorized charges, even small ones. Criminals often test stolen card numbers with small purchases before making larger fraudulent charges.
  • Check your credit reports through AnnualCreditReport.com, which provides free weekly reports from all three bureaus.
  • Watch for suspicious mail such as unexpected bills, collection notices, or tax documents for accounts you did not open.
  • Monitor your email for password reset requests or account creation confirmations you did not initiate.

Do Not Ignore Small Charges

A $1 or $2 charge you do not recognize is not a harmless glitch. Criminals use micro-transactions to verify that stolen payment information is active before draining the account. Report any unauthorized charge to your bank immediately, no matter how small.

Take Advantage of Free Services Offered

Most breach notifications include an offer for free credit monitoring, typically for 12 to 24 months. Sign up for it -- even if you already have monitoring in place, an additional layer costs you nothing and provides extra coverage. Keep records of the enrollment details and the duration of free coverage.

Beyond the company's offer, check haveibeenpwned.com to see if your email address or phone number has appeared in other known breaches. Many people are surprised to find they have been part of multiple breaches without knowing it.
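The same site also lets you check whether a specific password has appeared in a breach, which is the practical way to decide whether a password you were reusing (see the password step above) is already in attackers' lists. Its Pwned Passwords range API works by k-anonymity: you send only the first five hex characters of the password's SHA-1 hash and match the rest locally, so the password itself never leaves your machine. The script below is an added example written for this article, not code from haveibeenpwned.com or PrivacyOn. The sample range response is constructed so the example runs offline (the counts and all but one of the suffixes are made up); the live lookup is isolated in fetch_range().

```python
"""Check whether a password appears in Have I Been Pwned's Pwned Passwords corpus
using the k-anonymity range API: only the first five hex characters of the
password's SHA-1 hash ever leave your machine.

Added example for this article, not code from haveibeenpwned.com or PrivacyOn.
The sample range response below is constructed (the counts are illustrative);
fetch_range() performs the real network lookup.
"""
import hashlib
import urllib.request

RANGE_API = "https://api.pwnedpasswords.com/range/"

# Constructed stand-in for the API's reply to prefix "5BAA6". The API returns
# "SUFFIX:COUNT" lines; with the Add-Padding header it also returns dummy
# entries with count 0. The suffix on the third line is the real remainder of
# SHA-1("password") = 5BAA61E4C9B93F3F0682250B6CF8331B7EE68FD8; the other
# suffixes and all counts are made up for this example.
SAMPLE_RANGE_RESPONSE = """\
1D72CD07550416C216D8AD296BF5C0AE8E0:10
1E2AAA439972480CEC7F16C795BBB429372:1
1E4C9B93F3F0682250B6CF8331B7EE68FD8:3861493
1E6A4A6E8C4B2B3C6D8E9F0A1B2C3D4E5F6:0
"""


def sha1_hex(password: str) -> str:
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def split_hash(hexdigest: str) -> tuple:
    """Return (prefix sent to the API, suffix kept locally)."""
    return hexdigest[:5], hexdigest[5:]


def fetch_range(prefix: str) -> str:
    """Live lookup over HTTPS; requires network access."""
    req = urllib.request.Request(RANGE_API + prefix, headers={"Add-Padding": "true"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode("utf-8")


def offline_range(prefix: str) -> str:
    """Stand-in for fetch_range that serves the constructed sample only for 5BAA6."""
    return SAMPLE_RANGE_RESPONSE if prefix == "5BAA6" else ""


def count_in_range(range_body: str, suffix: str) -> int:
    """Scan the range reply locally; return the breach count for our suffix (0 if absent)."""
    for line in range_body.splitlines():
        found, sep, count = line.strip().partition(":")
        if sep and found.upper() == suffix:
            return int(count or 0)
    return 0


def pwned_count(password: str, range_lookup=fetch_range) -> int:
    """How many times the password has appeared in known breaches, per HIBP."""
    prefix, suffix = split_hash(sha1_hex(password))
    return count_in_range(range_lookup(prefix), suffix)


if __name__ == "__main__":
    # Demo against the constructed sample so it runs offline; pass range_lookup=fetch_range
    # (the default) to query the live service.
    for pw in ("password", "abc"):
        n = pwned_count(pw, range_lookup=offline_range)
        print(f"{pw!r}: {'seen ' + str(n) + ' times, do not reuse' if n else 'not in sample range'}")
```

The design point is that matching happens on your side: the service sees a five-character prefix shared by hundreds of hashes and cannot tell which one you hold, and Add-Padding makes every reply a similar size so response length leaks nothing either. A non-zero count means the password is in circulation and should be retired everywhere it was used, not just at the breached company.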

If Identity Theft Has Already Occurred

If you discover that someone has already used your information -- opened accounts, filed taxes, or made purchases in your name -- escalate immediately:

  1. File a report with the FTC at IdentityTheft.gov. This creates your official Identity Theft Report, which you will need for disputing fraudulent accounts and charges.
  2. File a police report with your local law enforcement. While they may not investigate directly, the report provides documentation for creditors and insurers.
  3. Contact affected creditors to dispute fraudulent accounts and charges. Send disputes in writing and keep copies of everything.
  4. Consider an extended fraud alert which lasts seven years instead of one, available to confirmed identity theft victims.

In 2024, the FBI reported $16.6 billion in cybercrime losses in the United States alone. Identity theft driven by data breaches accounts for a significant portion of these losses, making swift action essential.

Reduce Your Exposure Going Forward

A breach notification is a wake-up call. While you cannot control how companies secure their databases, you can reduce the amount of personal information that is out there in the first place.

Data brokers collect and sell your name, address, phone number, email, relatives, and more to anyone who pays -- and this data often ends up being the raw material that makes breaches so damaging. The less of your information that exists on broker sites, the smaller the blast radius when a breach occurs.

This is where a service like PrivacyOn becomes a critical part of your long-term security strategy. PrivacyOn actively removes your personal information from 100+ data broker sites and monitors them 24/7 to ensure your data stays removed. At just $8.33 per month, with family plans covering up to 5 people, it is one of the most cost-effective steps you can take to reduce your digital footprint and make yourself a harder target for identity thieves. Think of it as shrinking the surface area that future breaches can exploit.

Keep Records of Everything

Document every step you take after receiving a breach notification:

  • Save the original breach notification letter or email
  • Note the dates you froze your credit and placed fraud alerts
  • Keep records of calls to banks, creditors, and credit bureaus
  • Screenshot any fraudulent activity you discover
  • Save enrollment confirmations for free credit monitoring

These records may be important if a class action lawsuit is filed against the breached company. Many major breaches have resulted in settlements that compensated affected individuals, but you typically need to demonstrate that you were notified and took specific steps.

A Quick-Reference Checklist

  1. Verify the breach notification is legitimate
  2. Change passwords on affected and related accounts
  3. Enable two-factor authentication everywhere
  4. Freeze your credit at Equifax, Experian, and TransUnion
  5. Place a fraud alert with one credit bureau
  6. Monitor bank statements and credit reports weekly
  7. Sign up for offered free credit monitoring
  8. Check haveibeenpwned.com for additional exposure
  9. File an FTC report at IdentityTheft.gov if theft occurs
  10. Reduce your data broker footprint with PrivacyOn

Data breaches are an unfortunate reality of digital life, but they do not have to define your financial future. Acting quickly, methodically, and decisively in the hours after receiving a notification gives you the best chance of staying ahead of criminals. Do not wait -- start working through this checklist today.

Sarah Chen

Head of Privacy Research

CIPP/US Certified · IAPP Member · B.S. Computer Science

CIPP/US-certified privacy researcher with over a decade of experience helping consumers remove their personal information from data brokers.

Ready to Protect Your Privacy?

Let PrivacyOn automatically remove your personal information from data broker sites and keep it removed.