What you should do if you've been a victim of a data breach or had your ID stolen

Posted at 7:40 AM, May 25, 2021
and last updated 2021-05-25 07:40:25-04

2020 was a year most of us won't soon forget. While many of us were working and going to school at home, cybercriminals were busy breaking into our accounts.

More than 150 million people had their personal information exposed last year – passwords, phone numbers, financial data. Consumer Reports runs down how to regain control of your accounts and protect your personal data after the next data breach.

On April 15, 2019, Consumer Reports' Tech Editor Nicholas De Leon got alerts saying he signed up for several credit cards.

"I didn’t know what was happening. I hadn’t signed up for any new credit cards," he said.

Since he hadn't received a notice about a data breach, he checked online to see where his personal information was compromised.

“It was scary. It was stressful. And the worst part was that I was on the hook to clean up the mess," he said.

Sometimes companies will contact you to let you know if you're a victim of a data breach, but you can also do some digging online to find out yourself.

The website, pawned spelled pwned, will tell you if it's your email address, phone number or password.

“If your password was compromised, change it everywhere you used it," Bree Fowler said.

Though convenient, it's a good reminder not to re-use passwords.

Don't worry about having to remember new ones, a password manager does that for you.

Consumer Reports recommends one called One Password, which creates and stores complex, unique passwords for each of your accounts.

Since cybercriminals can use your personal information to try to log in, use multi-factor authentication, which requires a second form of ID to log in.

If your Social Security Number or financial information were part of a breach, CR says freezing your credit is a smart option since it restricts access to your credit history.