What to Do If Your Personal Data Is Stolen
Follow these easy steps to protect your accounts online
En español | Almost every transaction you make — be it using a credit card, getting a blood test, posting on Facebook or collecting a paycheck or retirement benefit — gets captured in cyberspace and stored in databases operated by corporations, health care providers, government agencies and other organizations.
That data is a treasure trove for identity thieves. It's no wonder, then, that hackers are relentless in their attempts to break into the computers that store it. When they succeed, the result is a "data breach."
There was a record number of such breaches last year, with 2,644 documented incidents exposing some 267 million records, reports the Open Security Foundation, which tracks information security risks. Last year was also a big one for identity theft: One in 20 Americans was hit by this crime — that amounts to one every three seconds — at a total cost of about $21 billion. Half of known fraud victims had previously been subject to a breach, according to Javelin Strategy & Research.
Although you can't prevent data breaches, you can minimize your personal risk. Here's how:
Be sparing with your data. If you're asked on an application to provide your Social Security number, ask why. It may not really be needed. It's always safest not to store financial account information online for bill paying. But if you do, credit cards offer better protections than most debit cards or bank account numbers if compromised.
If the hacked company has your address, expect breach notifications to come by U.S. mail. Be suspicious of notification emails, especially those containing links or attachments (they may contain computer-infecting malware).
If your Social Security number was taken in a breach, your risk of ID theft is five times greater than the average consumer's. As soon as you can, place a fraud alert or security freeze on your credit report at the three big credit-reporting bureaus.
Say yes to added security. If the breached organization offers you a free monitoring service, take advantage of this extra layer of security. Only 20 percent of breach victims do.
Protect your medical records, which are especially prized in breaches because they fetch more on the black market than financial data. Read every letter you receive from medical insurers and providers — including those that say "this is not a bill" — to ensure that no one's been masquerading as you to get treatment. To be extra safe, ask for a listing of medical insurance benefits paid out in your name each year.
Keep tabs on recent breaches by going to sites like privacyrights.org/data-breach or idtheftcenter.org. Remember: Not all breaches are reported to victims.
Monitor your accounts, including your Social Security earnings record. Ask your bank or credit card issuers to set up free email alerts to notify you about activity on your account, including change-of-address requests.
Change your passwords frequently and order, for free, your credit report once every four months — once a year from each agency — at annualcreditreport.com.
Sid Kirchheimer is the author of Scam-Proof Your Life, published by AARP Books/Sterling.
Also of Interest
- 10 ways to protect your credit in a divorce
- 7 loans you should never cosign
- 9 common ailments that drive you crazy
- ACA questions? Check out our ACA Q&A page
Join AARP Today — Receive access to exclusive information, benefits and discounts