Post Date: July 22, 2022
What are the next immediate steps?
If your information is found on the dark web, here are recommended steps you can take:
- Lock the account of users whose credentials have been affected and force them to change their password on the next sign-on.
- After changing passwords in all affected accounts, and as an added precaution, change the security questions on these accounts as well.
- Consider adding 2-factor authentication or MFA to affected accounts to help prevent account takeover attacks.
- Enroll affected users in phishing training and simulations.
- Check if other similar passwords have been compromised by doing a Live Password search at Insecureweb.com.
Credit Identity, credit cards or IDs
- Place a credit freeze with each credit bureaus (Equifax, Transunion, and Experian) to help protect unwanted people from opening credit in your name.
- Obtain a credit report and check for any accounts or charges you don’t recognize. Continue to check your reports annually. Be sure to obtain all three of your credit reports. If you experience identity theft, you can use these credit reports as part of the process of restoring your credit.
Social security number (SSN):
- According to the Federal Trade Commission (FTC) IdentityTheft.gov website, there are precautions you should take when your SSN has been involved in a data breach.
- Create a mySocial Security account with the Social Security Administration. You are doing this to claim your Social Security number and ward off anyone else from creating an account in your name. Review your earnings on your Social Security Statement to ensure your information is correct. Note: if you have a freeze implemented on your credit, you need to lift it before creating a new mySocial Security account.
- Report SSN fraud to the Social Security Administration.
- Tips to protect your SSN
Credit card or bank account:
- Contact your credit card issuer or lender so they can help you close the account and open a new one and set up fraud alerts.
- Contact your state’s Department of Motor Vehicles office to report your number stolen/compromised.
Contact the U.S. Department of State, Bureau of Consular Affairs fraud department.