Here's What To Do After a Data Breach


J.R. Tietsort

Chief Information Security Officer at Aura


    How To Secure Your Identity After a Data Breach

    When you saw the email, you froze. Another data breach leaked sensitive information for millions of people. Except, this time you’re one of them.

    By now, we’re all familiar with how easily hackers can steal data from even the most trusted companies. Billions of account details have been leaked from Facebook, T-Mobile, Equifax, LinkedIn, and more. 

    And the numbers show no signs of slowing down. Research shows that data breaches increased 68% from 2020 to 2021 [*].

    But here’s the scary part. Your personal information could be compromised, even if you haven’t been affected by one of the hundreds of highly publicized data breaches. 

    With so much leaked data available to hackers, it might seem impossible to prevent identity theft. But it’s not a lost cause. 

    Here’s what to do as soon as you find out you’ve been the victim of a data breach.

    The "China Leak": Is This the Largest Data Breach of 2022?

    Data breaches have become commonplace in 2022. But the latest data leak out of China shows just how dangerous they’ve become — and how we’re all at risk.

    Here’s what happened:

    In July of 2022, a hacker on an underground forum claimed they’d breached the Shanghai police database and advertised the sale of over 23 terabytes of data on almost 1 billion Chinese citizens [*].

    The dataset supposedly includes:

    • Names and birthplaces
    • National ID numbers
    • Phone numbers
    • Medical records
    • Police reports

    With even just a few of these data points, scammers could steal identities.

    The asking price? Only 10 Bitcoins — or the equivalent of around $200,000 at the time of writing.

    Why is the 2022 "China Leak" such a big deal?

    Not only is this one of the largest data breaches of all time, but it comes less than a year after China imposed strict laws and regulations on data protection. China’s Personal Information Protection Law was supposed to protect sensitive data, but hackers were still able to break in.

    Why should you care about a data breach in China?

    Chinese officials haven’t officially responded to the breach (and searches on Weibo and other Chinese social media sites have been censored or blocked).

    But even without being confirmed, the China leak shows us one scary truth: even highly protected and valuable data can be compromised.

    Data breaches are everywhere. With companies from T-Mobile to Facebook to LinkedIn getting hacked, you can be almost 100% sure that your data and information are online somewhere. To protect yourself from identity theft, fraud, or hacking, you need to be proactive about your digital security.

    Follow These 8 Steps After a Data Breach

    1. Confirm the breach has happened (but be cautious of emails)
    2. Find out what sensitive data was stolen and is available to hackers
    3. Secure your log-ins, passwords, and PINs, and add 2FA/MFA
    4. Set up a fraud alert or credit freeze
    5. Take special steps for healthcare, government, and financial breaches
    6. Carefully consider the free support offered by breached companies
    7. Monitor other accounts and your credit file for suspicious activity
    8. Sign up for an identity theft monitoring service

    1. Confirm the breach happened (but be cautious of emails)

    Data breaches are often in the news. But the first place you’re most likely to hear that you’ve been affected is in an email from the impacted company. 

    State law mandates that companies need to disclose data breaches. Unfortunately, some hackers use these emails as an opportunity to steal your information even if there hasn’t been a leak. 

    Fake breach emails — known as “phishing emails” — use our fear and emotional response to hacks to get us to act irrationally. A hacker will send an email claiming to be an impacted company and ask you to either:

    1. Click a link (which could download malware to your device and allow them to hack your email). 
    2. Confirm your account details (which will go straight to the hacker). 

    If you get a breach email, don’t click any links or respond to the message, as someone could be trying to scam you online.

    Before you take action, confirm the breach by visiting the organization's website or searching the web.

    If the breach is real, you’ll find news alerts online and a data breach notification on the website or your account page. 


    2. Find out what sensitive data was stolen

    Next, find out what information was stolen. This helps you to understand what types of identity theft you're at risk of and how you can mitigate the damage that hackers can do. 

    For example, a cybercriminal can do much more damage with your Social Security number than an unused account username. 

    Companies will often notify you of what information was breached in an email, account notification, or FAQ. But what can criminals do with each piece of your data? 

    Here are the most common data targets hackers go after and what they can do with them:

    • Email — Thieves can use your email to send spam and attempt to log into other accounts that share the same email. For example, thieves may log into your bank using your Facebook email.
    • Encrypted passwords — Most sites encrypt passwords. But hackers use software to crack weak ones within minutes or hours. Once they have access to your passwords, they’ll try them on as many accounts as possible. (This is why you should never reuse passwords across accounts.)
    • Full name — Hackers use your name to find other publicly available information about you in your online footprint. With enough information, they can commit identity theft.
    • Phone number — Cybercriminals can use your phone number for spam calls, identity theft, and SIM-jacking. This is where a thief claims your number for their own and receives all your texts and incoming calls.
    • Home address — An exposed address can put you at risk of change-of-address scams, tax fraud, and other forms of identity theft.
    • Credit card numbers — Thieves can use stolen credit card details to pay for goods online or buy gift cards that can’t be traced (a scam called “carding”). They can do this even if they don’t have your physical card.
    • Social Security number (SSN) — Your Social Security number is perhaps the most vulnerable piece of information a thief can steal. With your SSN, they can commit identity theft, tax fraud, unemployment scams, loan fraud, and much more. (Plus, it's not always possible to change your Social Security number – even after identity theft.)

    Once you know what personally identifying information is vulnerable, it’s time to protect yourself.

    3. Secure your log-ins and add 2FA/MFA

    Once you know your data has been compromised, you need to secure your accounts and limit the damage hackers can do. If you’re lucky, you’ll update your information before anyone even accesses your account. 

    Start by changing all your passwords. Choose a new one that is at least 12 characters long and combines upper and lowercase letters, numbers, and symbols. Also, don’t include any personally identifiable information like birthdays or pet names. 


    To keep track of your new, more secure passwords, consider a password manager. This is a secure tool that records your strong passwords automatically so you don’t have to worry about forgetting them. 

    Next, set up two-factor or multi-factor authentication (2FA/MFA) on any account that allows it. 

    This is an extra security measure that requires a one-time-use code in addition to your username and password to log into an account. Many people use text messages (SMS) to receive their 2FA code. But this can be compromised by hackers. 

    Instead, try using an authenticator app like Google Authenticator or Okta.

    4. Set up a fraud alert or credit freeze

    Credit and financial theft is the biggest target for identity thieves. After a data breach, you’ll want to set up a few fraud prevention safeguards to make sure your accounts haven’t been compromised.

    → The first option is to set up a fraud alert:

    A fraud alert requires credit companies to verify your identity before approving credit. This makes it much more difficult for a criminal to open new accounts or take out loans in your name. 

    Set up a fraud alert immediately by contacting one of the three major credit bureaus — Equifax, Experian, or TransUnion. According to federal law, the receiving bureau must share the alert with the other two. 

    A fraud alert lasts for a year unless you cancel it sooner. If you cancel it early, you’ll need to contact each credit bureau individually.

    → The second option is to set up a credit freeze:

    A credit freeze blocks all credit inquiries without affecting your credit score. Because it blocks all credit, you’ll need to disable it if you apply for a loan or buy a house or car.

    You’ll need to set up a credit freeze individually at each of the three credit bureaus. The safest practice is to keep your credit frozen at all times and only unfreeze it when you need to apply for credit. 

    Pro tip: Aura lets you lock your Experian credit file with a single click so you can easily keep your credit safe from hackers.


    5. Take special steps for healthcare, government, and financial breaches

    Depending on the type of breach you’ve suffered, there may be additional steps you should take to protect yourself.

    → Extra steps to take after a healthcare data breach

    Healthcare breaches come from hospitals, health insurers, or other providers. These leaks can lead to medical fraud or even blackmail. 

    Here are a few extra steps to take after a healthcare data breach:

    1. Ask your doctor and health insurance provider for copies of your most recent medical records and benefit statements. Verify each item to make sure someone else isn’t using your benefits.
    2. Contact your health care providers for a list of anyone with whom they’ve shared your information. Look for any unfamiliar organizations, conditions, or insurance claims. Legally, you have the right to request this information once per year, free of charge.
    3. Be cautious of bills for medical procedures you don’t know about. Respond and inform the collector that you may be the victim of identity theft.
    4. Review your Health Savings Account (HSA) and Flexible Spending Account (FSA), if applicable. Make sure thieves have not accessed the funds in these accounts.

    → Extra steps to take after a government data breach or tax fraud

    If a government agency is responsible for the data breach, you might need to take additional steps. This includes breaches from federal, state, or other government agencies, including the military. (Government data breaches can lead to military or veteran fraud).  

    In most cases, the impacted agency should reach out with guidance on what to do. But be cautious of any communication claiming to be from the government, especially emails and texts. 

    Another relatively common type of identity theft is tax fraud. This is where a thief uses your data to claim a tax refund in your name. If you receive a letter from the IRS informing you that someone else has filed a tax return in your name, follow the instructions provided in the letter.

    → Extra steps to take after a financial account breach

    If the breach has come through a financial account — like a credit card company or bank — take extra precautions to protect your data.

    1. Call the card issuer, ask them to invalidate your credit card or debit card, and request a new one.
    2. If you see suspicious charges, contact the fraud department at the organization to begin resolving the charges.
    3. You may also need to take steps to help repair your credit after identity theft.

    These steps are important to take on your own, but some additional help may also be available.

    6. Consider the free support offered by breached companies

    Many companies offer free services as part of their breach responses. These can include credit report monitoring or other ways of protecting your sensitive data.

    These offers aren’t a guarantee against identity theft or financial harm. And you should still protect yourself from the breach in the other ways we’ve listed. 

    Also, take any offer of support with a grain of salt. Companies ultimately need to minimize the damage, and cost, of a data breach. And sometimes accepting their help can limit your options for seeking other damages. 

    For example, Equifax offered free credit monitoring after a 2017 data breach leaked data on 143 million US citizens. But some attorneys cautioned that the terms of service included in this "help" could limit you from joining class-action lawsuits against the company [*]. 

    Either way, save any communication you receive from the company, like emails or letters. This documentation may be necessary later on as you work to protect your information.

    7. Monitor other accounts for suspicious activity

    Once your sensitive information has been leaked in a data breach, it can lead to other forms of fraud and identity theft. Just because a company says the leak has been resolved doesn’t mean your data is safe. 

    After a breach, be especially mindful of: 

    • Suspicious activity on your online accounts and financial statements. This includes credit or debit card charges you don’t recognize or unfamiliar activity in your bank account.
    • Unfamiliar credit inquiries, additional debt, and new accounts in your name. You can request a free credit report from each bureau once a year at
    • Strange calls, emails, texts, or letters. Look for suspicious activity like failed login attempts or collection calls for unfamiliar bills.

    Unfortunately, when we finally see the warning signs of identity theft, it’s often too late.

    That’s why Aura takes care of almost all of these issues for you. With Aura, you get near-real-time credit and identity monitoring, fraud alerts, protection from malware and phishing attacks, and even a $1 million insurance policy for eligible damages resulting from identity theft. 

    8. Sign up for an identity theft monitoring service


    Some of the most critical tasks for cybersecurity protection are difficult or nearly impossible for humans to do. We can’t spend all day scanning our credit statements, Dark Web archives, and up-to-date breach information.

    That’s why millions of Americans use an identity and credit monitoring service like Aura. Even if you have no idea what to do if your identity is stolen, Aura has your back.

    Aura protects the entire family, including children, who are particularly susceptible to identity theft.

    It also secures your devices and Wi-Fi network from malware and phishing attacks so you can continue to browse, shop, and use social media while staying safe.

    But what if you suspect a cybercriminal has already taken advantage of your data? 


    The Most Recent Data Breaches: Were You Impacted?

    2021 was a record year for data breaches and cyber attacks, with 1,862 major breaches, according to the Identity Theft Resource Center [*].

    If you use any of these services, your sensitive information could be at risk:

    • Facebook: Over 550 million Facebook users had their data published online, including Facebook IDs, names, dates of birth, locations, and relationship statuses.
    • T-Mobile: The most recent T-Mobile data breach in 2021 exposed data for 50 million users, including names, addresses, SSNs, driver's licenses, and device information.
    • MeetMindful: 2 million users of the dating app had their PII stolen and leaked by a hacking group. (Data breaches are just one of the many dangers of online dating you should be aware of.)
    • Volkswagen, Audi: Over 3.3 million owners and potential buyers of the car brand had their data leaked, the majority of which were from the U.S.
    • Neiman Marcus: Over 3.1 million customers had their payment card information leaked.
    • Robinhood: Close to 5 million users of the trading app had their email addresses, phone numbers, and more leaked.

    These are just some of the most recent data breaches.

    Remember, you can see what data has been leaked by hackers using Aura’s Dark Web Scanner.

    Were You the Victim of a Data Breach? Do This

    If you’ve discovered you’re a victim of identity theft after a security breach, what do you do?

    Unfortunately, hackers can move quickly, and even the fastest response to a personal data breach can be too late. Here’s what to do if you believe a criminal has stolen your identity:

    1. Secure your accounts. Update your passwords to be more secure. Set up a password manager. Enable 2FA using an authenticator app. 
    2. File a report with the Federal Trade Commission (FTC). Go to and report the theft. This will provide you with necessary documentation you may need to provide to resolve fraudulent charges. 
    3. File a report with the police. A law enforcement report can also provide documentation to help you resolve the fraud.
    4. Call the impacted organizations and report the fraud. Call the affected companies and ask for the fraud department. Explain you are the victim of identity theft. You can usually reverse charges for credit card fraud and similar types of activity.
    5. Freeze your credit and set up fraud alerts. Freezing your credit makes it harder for criminals to get access to your accounts or take out new credit in your name. 

    How To Protect Your Private Info From Hackers

    While you can’t take back exposed data, you can protect your data from future breaches. Here’s how:

    → Reduce the amount of data you share

    The first and simplest recommendation is to reduce the amount of data you share online. This includes social media. 

    Decide carefully before creating new accounts. Consider deleting accounts you don’t use and removing extra account details. These can be forgotten about during a data breach. For example, if you have a credit card on file with a company or website you don’t use very often, remove it. 

    → Use unique log-in details for each account you create

    One of the best ways to protect yourself in the event of a breach is to make data hard to transfer. Don’t give hackers a skeleton key to your digital life by using the same email address, log-in, and password for every account.

    Instead, use a unique password on each site and consider using different email accounts. For example, you could create one email address for newsletters and social media and another email for financial accounts.

    A simple option for Gmail users is to use the + symbol to create an infinite number of addresses that all route back to you.

    For example, instead of, you can use or All your emails will still go to your inbox. But hackers can’t log into your bank with the address leaked from Facebook.

    Another benefit is that it can help you immediately spot phishing emails. For example, if you receive a bank notification at any address other than, you know it’s a phishing scam.
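The per-service alias check described above, written out as an added example that is not part of the original article. The addresses, the `.example` domains, the alias table and the function names are all constructed for illustration. Because the From header can be forged, a matching alias only means the message reached the address you gave that sender; a mismatch is the useful signal.

```python
from email import message_from_string
from email.utils import parseaddr
from typing import Dict, Optional, Tuple

# Constructed table: the +tag you handed to each sender's domain.
ALIAS_FOR_SENDER = {"bank.example": "bank", "social.example": "social"}


def split_plus_address(address: str) -> Tuple[str, Optional[str]]:
    """Return (base_address, tag); tag is None when no +tag is present."""
    local, _, domain = address.strip().lower().rpartition("@")
    base, plus, tag = local.partition("+")
    return f"{base}@{domain}", (tag if plus else None)


def expected_tag(sender_domain: str, aliases: Dict[str, str]) -> Optional[str]:
    """Match the sender's domain or any subdomain of a known domain."""
    for domain, tag in aliases.items():
        if sender_domain == domain or sender_domain.endswith("." + domain):
            return tag
    return None


def classify(raw_message: str, aliases: Dict[str, str] = ALIAS_FOR_SENDER) -> str:
    msg = message_from_string(raw_message)
    sender_domain = parseaddr(msg.get("From", ""))[1].lower().rpartition("@")[2]
    # Delivered-To is added by the receiving mail system; fall back to To.
    recipient = parseaddr(msg.get("Delivered-To") or msg.get("To", ""))[1]
    _, tag = split_plus_address(recipient)
    wanted = expected_tag(sender_domain, aliases)
    if wanted is None:
        # A stranger writing to a service-specific alias means that alias
        # was leaked or sold by the service it was created for.
        if tag in aliases.values():
            return f"alias-leaked:{tag}"
        return "unknown-sender"
    if tag == wanted:
        return "alias-matches"
    # Claims to be a known sender but arrived at the wrong address.
    return "wrong-alias"


# Constructed sample messages (headers only matter here).
GENUINE = ("From: Example Bank <alerts@mail.bank.example>\n"
           "To: you+bank@mail.example\nSubject: Statement ready\n\nHello\n")
WRONG_ALIAS = ("From: Example Bank <alerts@bank.example>\n"
               "To: you+social@mail.example\nSubject: Verify now\n\nHello\n")
LEAKED = ("From: Prize Team <win@promo.example>\n"
          "To: you+social@mail.example\nSubject: You won\n\nHello\n")

if __name__ == "__main__":
    for name, raw in [("genuine", GENUINE), ("wrong alias", WRONG_ALIAS),
                      ("leaked alias", LEAKED)]:
        print(f"{name:12} -> {classify(raw)}")
```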

    → Use every digital security measure at your disposal (2FA, credit freeze, etc.)

    The final way you can protect your data from third-party breaches is to set up safeguards that thwart even a thief with your data. For example: 

    • Two-factor authentication (2FA) makes your accounts much harder to hack, even if a thief has your username and password.
    • A credit freeze will decline loans to a thief who impersonates you.
    • A strong antivirus and VPN solution protects your devices against malware and Wi-Fi hacking.
    • Credit and identity monitoring will alert you as soon as anyone tries to use your information without your permission. 

    The Bottom Line on Protecting Yourself From Data Breaches

    It feels like there’s very little we can do during a breach. We’ve entrusted our data to a third party, but that organization has betrayed that trust with poor data security and open vulnerabilities.

    And for those who haven’t been victims of a breach, the question is not if a breach will reveal information, but rather when it will happen. 

    So stay vigilant. Protect your accounts with unique passwords. And most importantly, use every security measure at your disposal to keep your personal and financial information safe and secure. 
