What to do after a breach
You just found out your data has been leaked. Maybe you received an email from a company saying your information was compromised, or you discovered your email on a breach database. What now?
The moments after a breach are critical. The faster you act, the better your chances of minimizing the damage. Whether it’s your email, passwords, banking details, or even Social Security number that’s been exposed, this guide will walk you through the essential steps to take after a data breach.
1. Confirm the breach: has your data really been leaked?
Before panicking, verify whether your data was actually compromised. Some breach alerts can be false alarms, while others might understate the severity.
Check for Your Information in Breach Databases:
- Use Have I Been Pwned to check if your email or phone number has appeared in known breaches.
- If it was a financial breach, contact your bank or credit card provider to confirm whether your details were affected.
- Check the company’s official website or news reports to verify the scope of the breach.
Be cautious!
Phishing emails can claim your account has been hacked—hackers often use fake breach alerts to trick you into giving them even more information. Always verify breach notifications from official sources.
2. Change your passwords immediately
If your password was exposed, it’s now useless—hackers have it. Changing your password is the first and most important step to securing your account.
DO NOT reuse an old password. Hackers test leaked passwords on other sites in credential stuffing attacks.
Create a Strong New Password:
- At least 12-16 characters long
- A mix of uppercase, lowercase, numbers, and symbols
- Avoid real words—use a random combination or a passphrase instead
An example of a weak password:
Summer2025
An example of a strong password:
yQ7!dKzT$1mN8@x
Use a Password Manager:
A password manager (like Bitwarden, 1Password, or LastPass) can generate and store strong passwords for you, so you don’t have to remember them all.
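The criteria above, turned into a check and a generator. This is an added example, not part of the original guide; the function names, the symbol set, and the short word list are assumptions made for illustration.

```python
import secrets
import string

SYMBOLS = "!@#$%^&*()-_=+[]{}"  # assumed symbol set; many sites accept more
# Constructed mini word list; a real check would use a full dictionary.
COMMON_WORDS = {"summer", "winter", "password", "welcome", "qwerty", "dragon"}

def check_password(pw, min_len=12):
    """Return the criteria from the guide that pw fails (empty list = passes)."""
    problems = []
    if len(pw) < min_len:
        problems.append("too short")
    classes = {
        "uppercase": string.ascii_uppercase,
        "lowercase": string.ascii_lowercase,
        "number": string.digits,
        "symbol": string.punctuation,
    }
    for name, chars in classes.items():
        if not any(c in chars for c in pw):
            problems.append(f"no {name}")
    lowered = pw.lower()
    if any(word in lowered for word in COMMON_WORDS):
        problems.append("contains a real word")
    return problems

def generate_password(length=16):
    """Draw from the OS CSPRNG and retry until every criterion is met."""
    alphabet = string.ascii_letters + string.digits + SYMBOLS
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not check_password(candidate):
            return candidate

if __name__ == "__main__":
    print(check_password("Summer2025"))
    print(check_password("yQ7!dKzT$1mN8@x"))
    print(generate_password())
```

The `secrets` module is used instead of `random` because it draws from the operating system's cryptographic random source, which is what a password manager's generator does as well.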
3. Enable Two-Factor Authentication (2FA) on all accounts
Even if your password is leaked, 2FA can prevent hackers from accessing your account.
Best 2FA Methods:
- Authenticator Apps (Google Authenticator, Authy, Microsoft Authenticator)
- Hardware Security Keys (YubiKey, Titan Security Key)
Avoid using SMS-based 2FA if possible!
Hackers can steal your phone number through SIM swapping and intercept text codes. Authenticator apps are much more secure.
4. Monitor your financial accounts & freeze your credit
If banking details or credit card information were stolen, act fast to prevent fraud.
For Stolen Credit/Debit Card Information:
- Contact your bank immediately and request a new card.
- Set up transaction alerts to catch any suspicious activity.
- Dispute unauthorized charges as soon as they appear.
If Your Social Security Number Was Leaked:
- Freeze your credit with major credit bureaus (Experian, TransUnion, Equifax) to prevent identity theft.
- Enroll in credit monitoring to receive alerts for suspicious activity.
Warning: If a hacker opens a credit card or loan in your name, it could take months to fix. Freezing your credit is free and prevents this from happening.
5. Check for unusual account activity
Hackers may have already accessed your accounts before you even realize they were breached.
Look for:
- Unexpected password reset emails
- Logins from unknown locations or devices
- Sent messages you didn’t write
- Unauthorized transactions
Check your email's "Sent" folder. If hackers accessed your email, they might have forwarded messages to themselves or set up email forwarding rules to spy on you.
Revoke unauthorized devices and sessions in your account settings.
6. Beware of phishing attacks targeting breach victims
Hackers know that when a breach happens, people panic. They take advantage of this by sending phishing emails disguised as security alerts.
Common Phishing Scams After a Breach:
- Fake emails from "support teams" asking you to reset your password (on a fake site).
- Messages claiming "unusual activity detected" and urging you to click a link.
- Fake offers for credit monitoring that actually steal more of your data.
How to Spot a Phishing Email:
- Look at the sender's email address—does it match the company's real domain?
- Hover over links before clicking. If the link doesn’t lead to the official website, don’t click.
- Bad grammar and urgent language are red flags.
If you're ever unsure, go directly to the company's website instead of clicking links in emails.
7. Delete or secure other at-risk accounts
If you’ve been using the same password across multiple accounts (which you shouldn’t be!), other accounts are now at risk too.
Do a security audit:
- Delete old, unused accounts.
- Change passwords for any account using the same credentials as the breached one.
- Update security settings on social media, banking, and email accounts.
Important!
If your main email account was breached, reset passwords for everything linked to that email—it’s the key to your entire digital life.
8. Consider identity theft protection services
If your most sensitive data (Social Security number, banking info, tax details) was exposed, it might be worth enrolling in an identity theft protection service.
Top Services:
- LifeLock (Monitors SSN and credit reports)
- Identity Guard (AI-powered fraud detection)
- Experian IdentityWorks (Credit lock and monitoring)
Some companies offer free identity theft protection if their breach exposed your data—check their announcements.