What to do after a data breach

Getting an email from Mozilla Monitor about a security incident can be alarming, but there are steps you can proactively take to protect your accounts and limit the damage:

  • Read the details about the breach and resolve it in Mozilla Monitor: Read closely to learn what happened. What personal data of yours was included? Your next steps will depend on what information you need to protect. See Resolve breaches with Mozilla Monitor for more information.
  • Change your passwords: Lock down your account with a new password. If you can’t sign in, contact the website to ask how you can recover or shut down the account. See an account you don’t recognize? The site may have changed names, or someone may have created an account using your email address.
  • Use two-factor authentication: Use two-factor authentication on all your online accounts to provide an extra layer of security.
  • If you’ve used that password for other accounts, change those too: Hackers may try to reuse your exposed password to get into other accounts. Create a different password for each website, especially for your financial accounts, email account and other websites where you save personal information.
  • Watch out for phishing scams: Be wary of any unsolicited emails or text messages that ask for personal information or login details. Do not click on any links in these messages.
  • Monitor your financial accounts: Keep an eye on your bank and credit card statements for any suspicious activity. Report any unauthorized transactions to your bank immediately.
  • Review your credit reports: If you have a credit history in the US, check your credit reports for suspicious activity. Make sure that no new accounts, loans or credit cards have been opened in your name.
  • Consider placing a fraud alert or a credit freeze on your credit report: A fraud alert will let you know if someone tries to open a new account in your name. A credit freeze blocks many entities, such as creditors, from seeing your report. Locking down your credit report behind a freeze makes it more difficult for bad actors to open a credit in your name.
  • Keep a record of your actions: Document the steps you've taken to protect yourself in case you need to prove to a financial institution or credit bureau that you have taken action.
  • Contact the appropriate parties: If the breach occurred at a business or organization, contact them and find out what they are doing to remedy the situation. Also, keep an eye out for updates and announcements from the organization that had the data breach, as they may provide important information on how to protect yourself.

At the end of the day, there is little any of us can personally do to stop data breaches. The longer you’ve lived online, the bigger your digital footprint, and with that come greater security risks. However, there is plenty you can do to protect yourself in anticipation of one, such as keeping all your software, devices and operating systems up to date, creating strong, unique passwords from the start and using two-factor authentication whenever it is available.

Related Content

Learn more

Was this article helpful?

Please wait...

These fine people helped write this article:

Illustration of hands

Volunteer

Grow and share your expertise with others. Answer questions and improve our knowledge base.

Learn More