There Has Been a Breach, Now What?
By: Frank J. Ohlhorst
No one wants to hear the term “data breach”, especially when the subject applies to their own data. Truth be told, data breaches happen all the time, even to the biggest of companies, such as Equifax, Target, Home Depot, and countless others. While data breaches may be a sad fact of modern life, they can have lasting repercussions. So what exactly happens when there is a data breach, and how should you respond?
One of the first things someone who has suffered a breach should do is take a long, hard look at how that breach occurred. For consumers, that knowledge may be valuable for making decisions on where you store data and what information you should provide in the future. It also helps when looking into which sites have your data, and whether you should remove it if it is not protected well enough.
For system administrators and IT Pros, the first step to take after a breach is to better secure the systems you are responsible for. In other words, find out how and why the breach happened and institute something that remediates the problem. For example, if the breach occurred because of stolen credentials, then it may be time to implement MFA (Multi-Factor Authentication), such as AuthAnvil by Kaseya.
After addressing the immediate problem and preventing more breaches from occurring, there are several best practices that those impacted by a breach should follow:
- Determine what was stolen: You should attempt to find out what type of information was stolen via the breach. Some information, such as what can be found in a phone book or on a public site, may not be very sensitive. On the other hand, information such as birth dates, social security numbers, passwords, account numbers, credit card numbers, and the like can be considered very sensitive information that can be used for identity theft.
- Change passwords: Now is the time to change any passwords and use strong, hard-to-guess passwords, unique for each account. Enable MFA if that is an option available to you, and consider using a password manager to securely store all of your new passwords.
- Contact Financial Institutions: If you suspect that credit card or other account information was stolen, you should contact your financial institutions and let them know that your account may be at risk for fraudulent activity.
- Contact Credit Reporting Bureaus: Contact the major consumer credit-reporting bureaus and ask each to place a fraud alert on your name. If anyone tries to steal your financial identity, you will be notified. In the U.S., fraud alerts, also known as credit alerts, are free and can be renewed every 90 days. U.S. residents can either request a credit alert online or call the bureau directly: Equifax (1-888-766-0008), Experian (1-888-397-3742), Innovis (1-800-540-2505) and TransUnion (1-800-680-7289). Each bureau is required to contact the other three if an individual requests a fraud alert, and consumers need not provide any reason.
- Sign up for a credit- or identity-monitoring service: Many services, both free and paid, will help monitor your financial accounts and sensitive personal information. BillGuard, for example, is a free online and mobile service that will keep track of charges on an unlimited number of payment cards. It also offers a paid identity-protection service.
The above best practices can go a long way towards minimizing the impact a data breach may have. Businesses that are victims of breaches should make sure that their customers are aware that a breach has occurred, while also instituting the technologies to prevent breaches in the future. That said, the most important best practice is to ensure that a breach does not happen in the first place, and that can be accomplished by securing your systems now and instituting better account policies and solutions such as MFA.