This guide is to give you a high-level idea of how to respond to a data breach. Though we tried to cover the information in detail, the nature of data that was breached and procedures followed in different countries may be different.
Confirm if your information was part of a breach
You may receive communication from your service provider from whom the data got breached or You may use services such as haveibeenpwned.com to know which details were breached.
Typically, data that is involved in data breaches are phone numbers, contact e-mail addresses, bank account details, physical address, health information or credit information
Check if the breach impacted your data/finances in any way
Check your bank accounts to check if any fraudulent activity was done based on breached information and reach out to your bank.
Check your e-mail account or phone for notifications related to transactions that were not performed by you. e.g. insurance claims or signs of identity theft
Change passwords of your online accounts
Change passwords of your accounts that were involved in the breach. Additionally change passwords of all accounts where you used the same password.
It is a good practice to change your passwords frequently as it protects your data from being misused before the breach data is made public. Use a password manager to ensure that you use strong passwords and avoid reusing passwords.
Ask for a re-issue of your card or change your banking credentials
Change your card details in case your card number, CVV were part of the breach. Your card details maybe used in another country to make transactions which makes it easier to recover your money.
Beware of spammers or fraudsters trying to steal your data
Beware you may be approached by spam callers or online fraudsters who may trick you into revealing more information based on your information available from the breach