There are six actions that we must take after data breach. Usually, the way that we discover we are or might be the victim of a data breach is either we received a letter from a company that we did business with or we hear about a data breach in the news. I have personally received data breach letters from various companies over the years including one from the Target Corporation notifying us that our information was stolen when they discovered a data breach. That said, being a victim of a data breach is different than being a fraud victim. Actually, being a data breach victim is better than being an identity theft victim because as we become aware of a data breach, there are steps that we can take to prevent fraud and detect fraud quickly if it occurs. By now, you may be wondering, what are some of the actions that people can take after data breach incidents occur? Below are 6 actions that you can take to protect yourself from identity theft after data breach incidents become known to you:
1. Order your credit report and review it carefully - In the US, you can order a free copy of your credit report once every year from each of the 3 credit reporting agencies. There are similar laws in other parts of the world which allow consumers to receive a free copy of their credit report. That being said, even if you have to pay to see the content of your credit report and validate the information, it’s worth the investment if it helps you detect identity fraud early on, and put a stop to ongoing fraud, or clear your personal credit report of any and all erroneous and fraudulent transactions. If you live in the US, read this article for additional information about the free annual credit report.
2. Sign-up for automated services - After you order and review your credit report, sign up for automated services which alert you of a change when it is reported in your credit file such as business inquiries, new accounts, and changes to your existing accounts. This is especially helpful if you find it difficult and time consuming to order and review your credit reports every so often. However, since automated monitoring starts to work from the moment you register for such services and alerts you about new changes, you must review your report to detect existing information to detect fraud and also register for identity monitoring services to receive change notifications. Credit monitoring is especially important since many credit fraud transactions hit your credit reports. If you're lucky, the company which had your information compromised, may offer you a free identity monitoring service. If this is the case, make sure you take advantage of this offer before the offer expires which is usually not without a deadline for registration.
3. Place fraud alerts on your credit reports - Fraud alerts must and can be placed on credit reports when a consumers suspects that they might be a target of identity theft. Fraud alerts are somewhat useful if businesses pay attention to them but they have lost some of their intended usefulness since many identity protection services automatically place or recommend their customers to place fraud alerts. However, even if they have become less effective, a fraud alert is still a good idea after data breach notification or discovery. Learn more about fraud alerts.
4. Freeze accounts - It may a be good idea after data breach to freeze some inactive accounts and credit reports if the accounts are hardly ever used and if there is no need to allow a business view your credit report which occurs when you apply for a new credit account or credit line. If an account is not used and if you rarely apply for new credit, you should consider a freeze. You can always lift a freeze and re-activate accounts and credit files, but as long as your accounts and credit files are frozen or deactivated, no one can abuse them unless they impersonate you and re-activate these accounts while they claim to be you. But even if this were the case, you should read on because you will get a notification that such action is being taken and you can notify the appropriate parties that the change is not authorized by you. Read an article about account freeze and another about credit freeze.
5. Review account transactions - you can review account transactions online or on paper when you receive the statements at the end of the monthly cycle. There is an added benefit to online review of transactions because fraud would be detected sooner than later. You see, when you review account transactions in your monthly statement, you might be detecting some transactions as old as 20+ days. But daily online review of transactions will help detect unauthorized transactions which are only one day old. Regardless of your preference, account motoring is still a very good idea especially after data breach incidents to detect fraud.
6. Activate account alerts - Last but least, some online accounts allow account holders to activate alert features and receive notifications when their account is hit with new changes like new debit transactions. Some accounts even allow account holders to be more specific about their alert needs and be more specific such as receiving alerts only when the account is hit with a debit transaction over $500. This way, customers do not receive many text and email messages about their accounts and can quickly be alerted and review the changes that they have specified. This kind of targeted notification allows customers to balance fraud risk with time efforts needed to detect fraud. For example, a tiny transaction of $1 even if it is a fraudulent transaction may not be worth the hundreds of text and emails that you will receive for all valid transactions if you set the alert settings to send a system notification for all transactions worth $1 or more. Everyone has a different tolerance and time restrictions. If you feel that you do not have time to review every transaction especially if you incur many daily transactions, think about when you would like to be notified before activating and setting up the account alert feature. Read a related article.