Security | May 6, 2026 | 12 min read

What to Do If Your Employer Data Is Breached

By Sarah Chen

Head of Privacy Research

When your employer suffers a data breach, the exposure is uniquely severe. Unlike a retailer breach that might leak your email and a password, employer breaches can expose your Social Security number, home address, bank account and routing numbers, tax records, salary information, and health insurance details — everything a criminal needs to steal your identity and wreak financial havoc. According to the Identity Theft Resource Center's 2025 report, data compromises have reached record numbers with a 79% jump over the past five years. Here is your comprehensive guide to protecting yourself when your employer's data is breached.

What Information Employers Typically Have

Before taking action, it helps to understand the scope of what may have been exposed. Employers collect and store an extraordinary amount of sensitive personal data:

  • Full legal name, date of birth, and Social Security number — from your W-4, I-9, and payroll records
  • Home address and phone number — from HR records and emergency contacts
  • Bank account and routing numbers — from direct deposit setup
  • Tax records — W-2s, tax withholding elections, and potentially state tax information
  • Health insurance information — plan details, dependent information, and sometimes medical claims data
  • Salary and compensation details — pay rates, bonuses, stock options
  • Government-issued ID copies — driver's license or passport copies from employment verification
  • Background check data — criminal history, credit checks, employment verification results

This combination of data is particularly dangerous because it provides criminals with everything needed for full identity takeover — not just one account, but your entire financial identity.

Employer Breaches Are More Dangerous Than Most

A leaked email and password from a retail site can be fixed by changing your password. A leaked Social Security number, combined with your bank details and home address, can be used for years to open fraudulent accounts, file fake tax returns, and create synthetic identities. The damage from an employer breach requires a fundamentally different response.

Immediate Steps: The First 24 to 48 Hours

Speed matters. The faster you act after learning about the breach, the harder it is for criminals to use your stolen data.

1. Freeze Your Credit at All Three Bureaus

This is the single most important step you can take. A credit freeze prevents anyone — including criminals — from opening new credit accounts in your name. It is free and takes about 10 minutes per bureau:

  • Equifax: equifax.com/personal/credit-report-services/credit-freeze or call 800-349-9960
  • Experian: experian.com/freeze or call 888-397-3742
  • TransUnion: transunion.com/credit-freeze or call 888-909-8872

Save the PINs or passwords each bureau provides. You will need them to temporarily lift the freeze when you legitimately apply for credit.

2. Place Fraud Alerts

Set up an initial fraud alert with one of the three bureaus — they are required to notify the other two. A fraud alert lasts one year and requires creditors to verify your identity before opening new accounts. You can also place an extended fraud alert lasting seven years if you file an identity theft report with the FTC.

3. Change All Work-Related Passwords

Immediately change passwords for:

  • Your work email account (if you still have access)
  • Any personal accounts that used the same password as work accounts
  • Your payroll and HR system accounts (Workday, ADP, Gusto, etc.)
  • Benefits portals (health insurance, 401k, HSA)
  • Any accounts that use your work email as the login or recovery email

Use unique, strong passwords for each account and enable two-factor authentication everywhere it is available.

4. Contact Your Bank

If your direct deposit information was potentially exposed, contact your bank immediately. They may recommend:

  • Closing your current account and opening a new one with new account and routing numbers
  • Adding extra verification requirements to your account
  • Setting up alerts for all transactions

Document Everything

Start a log of every action you take, every call you make, and every notification you receive related to the breach. Include dates, times, names of representatives, and reference numbers. This documentation is critical if you need to dispute fraudulent activity or pursue legal action later.

Medium-Term Actions: The First 30 Days

Review the Breach Notification Carefully

Your employer is typically required by law to notify affected individuals. The notification should explain:

  • What data was compromised
  • When the breach occurred and when it was discovered
  • What the company is doing in response
  • What free services are being offered to affected employees

Enroll in the Free Credit Monitoring

Most employers offer one to three years of free credit monitoring through services like Experian IdentityWorks, Kroll, or AllClear ID. Enroll immediately, but understand the limitations:

  • Credit monitoring alerts you to suspicious activity — it does not prevent it
  • It typically only monitors one credit bureau unless premium coverage is provided
  • It usually does not cover dark web monitoring, data broker removal, or identity restoration services
  • When the free period ends, your protection stops unless you subscribe

Think of free credit monitoring as a starting point, not a complete solution.

File Your Taxes Early

Tax fraud is one of the most common consequences of SSN exposure. Criminals file fraudulent tax returns using your Social Security number to claim your refund before you do. File your taxes as early as possible each year following the breach. Consider requesting an Identity Protection PIN (IP PIN) from the IRS at irs.gov/identity-theft-fraud-scams, which adds a six-digit code that must be included on your tax return.

Monitor Your Financial Accounts

For at least the next 12 months, actively monitor:

  • Bank accounts — check for unauthorized transactions, even small ones (criminals often test with small charges first)
  • Credit card statements — review every charge
  • Credit reports — pull free reports from AnnualCreditReport.com and review for unfamiliar accounts, inquiries, or address changes
  • Health insurance claims — medical identity theft is rising and often goes undetected for months
  • Social Security account — create an account at ssa.gov and monitor for unauthorized changes or benefit claims

Long-Term Monitoring and Protection

Understand the Ongoing Risks

Stolen data from employer breaches does not expire. Criminals may sit on stolen information for months or years before using it. The threats include:

  • Synthetic identity theft — criminals combine your real SSN with fake information to create new identities that are difficult to detect
  • Credit fraud — opening loans, credit cards, and lines of credit in your name
  • Tax fraud — filing false tax returns using your SSN, potentially for years
  • Medical identity theft — using your insurance information to obtain medical care, prescriptions, or file false claims
  • Employment fraud — using your SSN to gain employment, which can affect your tax records and Social Security benefits

Keep Your Credit Frozen

A credit freeze should be your default state. Only temporarily lift it when you need to apply for credit, a new apartment, or certain services. Lifting a freeze takes minutes and can be done online. The minor inconvenience is worth the protection.

Consider an Identity Theft Protection Service

After the free monitoring period from your employer ends, consider maintaining protection through a dedicated service that provides broader coverage than basic credit monitoring alone — including dark web monitoring, identity restoration assistance, and insurance against identity theft losses.

Your Legal Rights

Employees affected by employer data breaches may have legal recourse depending on their jurisdiction:

  • Data breach notification laws — all 50 states require companies to notify individuals when their personal data is breached. Failure to notify in a timely manner can result in penalties
  • Class action lawsuits — data breach class actions are increasing significantly. You may be eligible to join a class action against your employer or their data security vendor
  • State privacy laws — states like California (CCPA/CPRA), Illinois (BIPA), and others provide additional rights and potential damages for privacy violations
  • Negligence claims — if your employer failed to implement reasonable security measures, you may have grounds for a negligence claim

Watch for communications from law firms about potential class actions. If you suffer actual financial losses from the breach, consult with a privacy attorney about your individual options.

File an FTC Identity Theft Report

If you discover that your identity has been misused, file a report at IdentityTheft.gov. The FTC will create a personalized recovery plan and provide official documentation that helps you dispute fraudulent accounts and transactions with creditors, banks, and the credit bureaus.

Reduce Your Exposure Going Forward

An employer data breach is a wake-up call to reduce how much personal information is available about you across the internet. The more data that exists about you online — through data brokers, people-search sites, public records, and old accounts — the easier it is for criminals to exploit stolen employer data.

PrivacyOn helps you reduce this exposure by continuously monitoring and removing your personal information from over 100 data broker sites. When your SSN, name, and date of birth are stolen in a breach, criminals cross-reference that data with publicly available information to build a complete profile. By removing your home address, phone number, email, and other details from data broker sites, you make it significantly harder for criminals to verify and exploit your stolen data.

An employer data breach is beyond your control, but your response to it is not. Take the immediate steps outlined in this guide within the first 48 hours, stay vigilant with ongoing monitoring, and proactively reduce your data exposure to limit the long-term damage. Your stolen data may be out there permanently — but the harder you make it to use, the safer you will be.

Sarah Chen

Head of Privacy Research

CIPP/US Certified | IAPP Member | B.S. Computer Science

CIPP/US-certified privacy researcher with over a decade of experience helping consumers remove their personal information from data brokers.
