What to Do After a Data Breach

A data breach means information held by a company, school, employer, health provider, government agency, or other organization was exposed or stolen. The exposed information might be minor, like an email address, or highly sensitive, like a Social Security number, financial account number, or medical record.

The right response depends on what information was exposed. You do not need to panic, but you do need to act quickly and match your next steps to the level of risk.

In this guide, you’ll learn what to do after a data breach and how to protect your accounts, credit, and identity.

TL;DR: Quick Decision Guide

• If only your email was exposed → watch for phishing and change passwords if needed.
• If your password was exposed → change it immediately and anywhere else you reused it.
• If your Social Security number was exposed → freeze your credit with all three bureaus.
• If bank or card information was exposed → contact the financial institution and monitor transactions.
• If your information was misused → report identity theft at IdentityTheft.gov.

Step 1: Read the Breach Notice Carefully

A breach notice should explain what happened, what information was exposed, and what the company is offering to help. Do not skim past this part. Your response depends on the type of information involved.

Look for whether the breach included:

• Name and address
• Email address
• Phone number
• Passwords
• Social Security number
• Driver’s license number
• Bank account information
• Credit or debit card information
• Health insurance or medical information
• Date of birth
• Security questions or account recovery information

The FTC tells consumers who receive a data breach notice to visit IdentityTheft.gov/databreach for steps based on what information was exposed.

What to do:
Save the notice. If the company offers free credit monitoring, identity monitoring, or account protection, review the offer and deadline. Enroll only through the official notice or the company’s verified website, not through random emails or ads.

👉 Compare: Identity Protection Tools in the Marketplace →

Step 2: Change Exposed Passwords

If a password, username, or login credential was exposed, act quickly. A stolen password can be tested across other websites, especially if you reused it.

What to do:

• Change the password on the affected account.
• Change it anywhere else you used the same or similar password.
• Use a strong, unique password.
• Store it in a password manager.
• Turn on two-factor authentication.
• Review recent account activity.

If your email password was exposed, treat it as urgent. Email can be used to reset passwords for bank, shopping, social media, and payment app accounts.

Smile Money Tip:
A breached password is not just one account problem if you reused it. Fix the reused-password chain first.

Step 3: Protect Your Credit if Sensitive Information Was Exposed

If the breach exposed your Social Security number, date of birth, address, or driver’s license number, the risk is higher. Someone may try to open credit in your name.

A credit freeze limits access to your credit report, making it harder for identity thieves to open new credit accounts. The CFPB recommends that identity theft victims place fraud alerts or security freezes, file at IdentityTheft.gov, and protect their credit history and finances.

What to do:

• Freeze your credit with Equifax.
• Freeze your credit with Experian.
• Freeze your credit with TransUnion.
• Place a fraud alert if you believe your information may be misused.
• Check your credit reports for unfamiliar accounts or inquiries.
• Keep your freeze login details somewhere secure.

A fraud alert only requires contacting one credit bureau. A credit freeze must be placed separately with each bureau.

👉 Related: How to Freeze Your Credit With Equifax, Experian, and TransUnion →

Step 4: Monitor Financial and Medical Accounts

Not all breach damage shows up on a credit report. If financial, health, or insurance information was exposed, monitor the accounts tied to that information.

What to do:

• Review bank and credit card transactions.
• Replace cards if the issuer recommends it.
• Watch for small test charges.
• Review insurance statements and medical explanation of benefits.
• Look for bills for care you did not receive.
• Contact the provider or insurer if something looks unfamiliar.

If bank account numbers were exposed, ask your bank what protections are available. If a debit card or credit card number was exposed, ask whether the card should be replaced.

Step 5: Watch for Follow-Up Scams

After a breach, scammers may use the news to send fake “security” messages. They may pretend to be the breached company, a credit bureau, a bank, or an identity protection service.

Be cautious of messages that say:

• “Click here to secure your account.”
• “Confirm your Social Security number.”
• “Pay to activate protection.”
• “Your account will be closed.”
• “Call this number immediately.”
• “Download this security tool.”

What to do:
Do not click links in unexpected breach-related emails or texts. Go directly to the company’s official website or use the contact information in the mailed breach notice.

Common Mistakes to Avoid

• Ignoring the breach notice
• Changing only one password when the password was reused elsewhere
• Freezing only one credit bureau
• Assuming credit monitoring prevents identity theft
• Clicking links in fake breach follow-up emails
• Waiting until fraud appears to take basic protection steps

What to Do If Your Information Is Misused

If someone uses your information after a breach:

• Report identity theft at IdentityTheft.gov.
• Contact the company where fraud happened.
• Freeze your credit with all three bureaus.
• Place a fraud alert if needed.
• Dispute fraudulent accounts or charges.
• Save the breach notice, reports, letters, and confirmation numbers.

IdentityTheft.gov provides step-by-step recovery guidance to help limit damage, report identity theft, and fix credit problems.

👉 Related: How to File an Identity Theft Report With the FTC →

FAQs

Final Thought

A data breach does not automatically mean your identity will be stolen, but it is a signal to tighten your defenses. Match your response to what was exposed.

Start with passwords, then protect credit, monitor accounts, and report identity theft if your information is misused.

Next Steps:

• 👉 Learn: What to Do If Your Social Security Number Was Stolen →
• 👉 Read: How to Check Your Credit Report for Signs of Identity Theft →
• 👉 Read: How to Recover From Identity Theft Step-by-Step →
• 👉 Compare: Identity Protection Tools in the Marketplace →