What if your personal data has been taken in a breach?

07.27.23 09:19 AM Comment(s)

Your Personal Data is Out There

Just this year there was a massive data breach at the Oregon DMV. The data taken included license numbers, addresses, last 4 of SSN, and of course first and last names. So, my data is out there and yours likely is too. According to the Identity Theft Resource Center there were 1802 data breaches in 2022. These breaches include usernames, passwords, SSN's, addresses, birth dates, phone numbers, and a myriad of other personal information. If you want to know if your information has been involved in any of them, you can check your email address at www.haveibeenpwned.com.

My personal email address has been involved in at least four data breaches and in 2019 a breach happened with my information that involved dates of birth, email addresses, employers, genders, geographic locations, IP addresses, job titles, names, phone numbers, and physical addresses. So even if the DMV hadn't been hacked this year my info is already out there! So what do you do to protect yourself when someone can likely get a hold of all of your personal information if they really wanted it?

What to Do About It

With the reality of your data being exposed, there are a few things you can do to make it less likely that your identity get's stolen. Here's a list of things we'd recommend (And it's the same list we recommended to our employees when the Oregon DMV was breached):

  • Place a freeze on your Experian, TransUnion, and Equifax accounts
  • Set up MFA on each account above
  • Freeze your credit in each account (If you do this you will need to remember to "unfreeze" it when you apply for additional credit)
  • Register for an ssa.gov account (using your login.gov account or other option)
    • Set up email notifications
  • Register for a myE-Verify account
    • Lock your SSN (read the details before doing so)
  • Here's some other things you could do: Reference
    • You could file a report with the IRS
    • You could file a report with the FTC at identitytheft.gov
    • You could request a new SSN from the SSA (you may need proof to this and is a process to do)
  • Finally, practice good cyber hygiene:
    • Check our cyber security basics
    • Use a password manager and use unique passwords
    • Enable Multi-Factor Authentication (aka 2-step verification)  wherever possible, especially on important accounts (like your email account)
    • Keep a good anti-virus on your computer and phone
    • Enable auto-updates (if possible) on your systems and keep them updated