Since we can’t depend on companies to protect us, what can we do to protect ourselves? Here are a few steps you can take both before and after a breach:
- Set up a strong password – Yes, I know you’ve heard this before, but a strong and secure password is one of the first lines of defense. Creating and remembering a complex and unique password for every account is virtually impossible. That’s why you should turn to a good password manager to do the hard work. As more sites and services support passkeys, that’s another option to consider. If your account has been affected by a data breach, changing your password is the first action you’ll want to take. Just ensure it’s a strong one that can’t easily be hacked.
- Use two-factor authentication – Any attacker who brute-forces one of your passwords can now easily sign in to the associated account, but not if you use the right type of two-factor authentication (2FA). With 2FA, your account remains off-limits unless you provide the correct confirmation. Your best bet is to use an authenticator app or a physical security key, as both are stronger than SMS authentication. Turning on 2FA is another action to take following a breach. Many major websites now support 2FA, so you should be able to set up this authentication method without too much effort.
- Watch out for scams – The Dell hacker grabbed names, phone numbers, email addresses, and physical addresses, and then sold them on the dark web. On a practical level, you can’t readily change any of those. That’s why you need to be alert for criminals who try to use your phone number or email address to run spoofing and phishing scams.
- Monitor your credit – Add up all the stolen data, and identity theft becomes a real possibility. To protect yourself, check your credit reports across the three major services: Experian, Equifax, and TransUnion. In some cases, you may have to freeze your credit to ensure no one can open new accounts or take out loans in your name.
