Scute Logo Scute
guides

Your Data Was Breached: Here's Exactly What to Do Next

Scute Team

Audio Version

Listen to this article

Prefer audio? This article is narrated with ElevenLabs Audio Native for a simpler listening experience.

Loading the ElevenLabs Audio Native player for Your Data Was Breached: Here's Exactly What to Do Next...

Your Data Was Breached: Here’s Exactly What to Do Next

You open your inbox and there it is: “We regret to inform you that your personal information may have been compromised.” Your stomach drops. Your mind races. What do they have? What do I do? Am I already too late?

You’re not alone. In 2026 alone, TransUnion exposed 4.4 million customer records, Navia Benefits leaked 2.7 million Social Security numbers, and Odido compromised 6.2 million customers. Millions of records, gone — just like that. And these breaches rarely come from some Hollywood-style hacker in a dark room. They come from unmonitored systems, vendor security gaps, and credential reuse — boring, preventable failures that put your data at risk.

Here’s the good news: what happens to your data after a breach depends almost entirely on what you do in the first 24 to 48 hours. You have more control than you think. Let’s walk through exactly how to protect yourself.

First, Verify the Breach Is Real

Before you do anything, make sure the breach notification is legitimate. Scammers love sending fake breach alerts to trick you into handing over even more personal information — the irony is painful, but it’s real.

Here’s how to confirm:

  1. Go directly to the company’s official website. Type the URL yourself or use a bookmark. Do not click any links in the email you received.
  2. Look for a breach notice on their site. Most companies will post a dedicated page with details about the incident.
  3. Check haveibeenpwned.com. Enter your email address to see if it appears in any known breach datasets. This free service tracks billions of compromised accounts.
  4. Search for news coverage. A real breach affecting millions of people will have news articles from reputable outlets.

Watch out: A phishing email might say “Your account has been compromised — click here to secure it immediately.” That urgency is designed to bypass your judgment. Real breach notifications tell you what happened and direct you to the company’s website — they don’t demand you click a link right now.

If the breach is confirmed, your next step is figuring out exactly what data was exposed. The company’s notification should tell you, but if it’s vague, check their website or call their support line.

Understand What Was Exposed

Not all breaches are created equal. The type of data that was exposed determines how urgently you need to act and which steps to take. Here’s how to think about it:

Critical — Act Immediately

  • Social Security number: This is the master key to your identity. A criminal can open credit accounts, file tax returns, and commit medical fraud — all in your name.
  • Financial account numbers: Bank accounts, credit card numbers, and routing numbers give direct access to your money.
  • Medical records: These can be used for insurance fraud and are extremely difficult to correct once compromised.

High — Act Today

  • Email and password combinations: If you reuse that password anywhere (be honest), every account sharing it is now vulnerable.
  • Date of birth: Combined with your name, this is enough to pass many identity verification checks.
  • Driver’s license number: Can be used to create fake IDs or commit identity fraud.

Moderate — Act This Week

  • Name, address, and phone number: On their own, these are low risk. Combined with other data, they help criminals build a complete profile of you.
  • Email address alone: Expect more phishing attempts and spam, but your accounts aren’t directly at risk unless passwords were also exposed.

First 24 Hours: Immediate Actions

Speed matters. The faster you act, the smaller the window for criminals to use your data. Here’s your first-day checklist.

Change Your Passwords Now

Start with the breached service, then move to every other account where you used the same password. Be honest with yourself — most people reuse passwords more than they’d like to admit.

  1. Change the password on the breached account immediately
  2. Change the password on every account where you reused it
  3. Make each new password unique — at least 16 characters, random, and nothing you’ve used before
  4. Start using a password manager to generate and store your passwords going forward

See our guide on Password Managers: Your Digital Security Blanket for help choosing one.

Enable Two-Factor Authentication

Two-factor authentication (2FA) adds a second layer of protection so that even if someone has your password, they still can’t get in. Turn it on for the breached account first, then enable it everywhere you can — especially email, banking, and social media.

Not sure how? Follow our Two-Factor Authentication guide for step-by-step instructions.

Contact Your Bank

If financial data was exposed — credit card numbers, bank account numbers, or anything related to your finances — call your bank and credit card companies right away.

  • Request new card and account numbers
  • Ask them to flag your account for suspicious activity
  • Set up transaction alerts for any amount (not just large ones — scammers often start small)

Don’t wait for a fraudulent charge to appear. Being proactive here can save you weeks of headaches.

First Week: Lock Down Your Identity

Once the immediate fires are out, it’s time to build stronger defenses around your identity.

Place a Fraud Alert

A fraud alert tells creditors to take extra steps to verify your identity before opening new accounts. You only need to contact one of the three major credit bureaus — they’re required to notify the other two.

  • Equifax: 1-800-525-6285
  • Experian: 1-888-397-3742
  • TransUnion: 1-800-680-7289

Fraud alerts are free and last one year. They won’t prevent all fraud, but they add friction that stops many criminals.

Consider a Credit Freeze

A credit freeze is stronger than a fraud alert. It completely blocks new credit accounts from being opened in your name. No one — including you — can open new credit while the freeze is active.

  • Free to place and free to lift at all three bureaus
  • You’ll need to temporarily lift it when you legitimately apply for credit (a mortgage, car loan, new credit card, etc.)
  • Strongly recommended if your Social Security number was exposed

A freeze doesn’t affect your credit score and doesn’t prevent you from using your existing accounts. It simply stops new ones from being opened.

Monitor Your Financial Accounts

For the next several weeks, review your bank and credit card statements carefully.

  • Check every transaction, even small ones
  • Watch for “test charges” of $1 to $5 — scammers use these tiny amounts to verify that a stolen card number works before making larger purchases
  • Set up real-time transaction alerts through your bank’s app so you’re notified instantly when your card is used

First Month: Ongoing Vigilance

The first month after a breach is when most fraud attempts happen. Stay alert.

Sign Up for Credit Monitoring

The breached company will almost always offer free credit monitoring — take them up on it. It won’t undo the breach, but it will alert you if someone tries to use your information.

  • Accept the free monitoring offered (usually 12 to 24 months)
  • If your SSN was exposed, consider a paid service for longer-term coverage
  • Set up alerts for any changes to your credit file

Check Your Credit Reports

You’re entitled to free weekly credit reports from all three bureaus through AnnualCreditReport.com. Use them.

Look for:

  • Accounts you didn’t open
  • Addresses you don’t recognize
  • Hard credit inquiries you didn’t authorize
  • Balances on accounts that should be closed

Watch for Tax Fraud

If your Social Security number was exposed, tax fraud is a serious risk. A criminal can file a fake tax return in your name and steal your refund.

  • File your taxes as early as possible — beat the scammer to the punch
  • Apply for an IRS Identity Protection PIN at irs.gov/ippin — this six-digit number is required on your return and prevents someone else from filing in your name
  • Watch for unexpected IRS letters or refund checks you didn’t request

Monitor for Medical Identity Theft

Medical identity theft is less common but harder to detect and fix. Someone using your identity for medical care can corrupt your health records, which could affect your own treatment down the road.

  • Review every Explanation of Benefits (EOB) statement from your insurer
  • Request copies of your medical records from your providers
  • Watch for bills for services or prescriptions you didn’t receive
  • If anything looks wrong, contact your insurer and healthcare provider immediately

What Was Exposed? Your Specific Action Plan

Use the checklist below based on what type of data was compromised. Check off each item as you complete it.

If Your Email Was Exposed

  • Change your email account password to something strong and unique
  • Enable two-factor authentication on your email account
  • Be extra cautious of phishing attempts in the coming weeks
  • Consider using email aliases or a secondary address for future signups

If Your SSN Was Exposed

  • Place a credit freeze at all three bureaus (Equifax, Experian, TransUnion)
  • Apply for an IRS Identity Protection PIN at irs.gov/ippin
  • Sign up for credit monitoring (free from the breached company or paid)
  • File an identity theft report at IdentityTheft.gov
  • Check your credit reports weekly for at least six months

If Your Financial Data Was Exposed

  • Request new card numbers and account numbers from your bank
  • Review all transactions for the past 90 days for anything unfamiliar
  • Set up real-time transaction alerts for every account
  • Monitor your statements closely for at least 90 days

If Your Password Was Exposed

  • Change that password on every site where you used it
  • Start using a password manager for all your accounts
  • Enable two-factor authentication everywhere it’s available
  • Check haveibeenpwned.com/Passwords to see if your password appears in known breach datasets

Why Breaches Keep Happening

You might wonder: if breaches are so damaging, why do they keep happening? The answer is frustratingly mundane. Most breaches aren’t the result of genius hacking. They come from:

  • Unmonitored third-party vendor systems — A company might have solid security, but their vendor doesn’t. Attackers go after the weakest link in the chain.
  • Old credentials that were never rotated — Service accounts and API keys that haven’t been changed in years are an easy entry point.
  • Employees falling for phishing emails — One click on a convincing fake email can give an attacker a foothold inside an entire organization.
  • Unpatched software with known vulnerabilities — Security patches are released, but many companies are slow to apply them. Attackers know this and exploit the delay.

This isn’t to excuse the companies responsible — they absolutely should do better, and many of these failures are preventable. But understanding the patterns helps you make smarter decisions about who you trust with your data and how much information you share.

How to Reduce Your Future Risk

You can’t prevent every breach, but you can make yourself a harder target and limit the damage when one happens.

  • Use unique passwords for every account. A password manager makes this effortless. One breached password should never unlock multiple accounts.
  • Enable two-factor authentication on every account that offers it. This single step blocks the vast majority of unauthorized access attempts.
  • Minimize the personal data you share. When signing up for a service, ask yourself: do they really need my date of birth, phone number, and home address? If it’s optional, skip it.
  • Use virtual credit card numbers for online shopping when your bank or card issuer offers them. This keeps your real card number out of merchant databases.
  • Check haveibeenpwned.com periodically. Make it a habit — once a month, enter your email and see if anything new has appeared.
  • Be skeptical of services that ask for more data than they need. A flashlight app doesn’t need your contacts. A recipe website doesn’t need your Social Security number.
  • Review and delete old accounts you no longer use. Every dormant account is a potential breach waiting to happen. If you haven’t used it in a year, close it.

The Bottom Line

Data breaches are a fact of modern digital life — the question isn’t if your data will be exposed, but when. The difference between identity theft and a close call is almost always how fast you act. You now have a complete playbook: verify the breach, understand what was exposed, take immediate action, and follow through over the coming weeks.

Bookmark this guide. Share it with your family. Print it and stick it on the fridge if that helps. The next time that dreaded notification lands in your inbox, you won’t freeze — you’ll know exactly what to do.

Stay informed about the latest digital safety threats. Subscribe to the Scute newsletter for weekly tips delivered to your inbox.

Stay Protected

Join Our Shell of Protection

Get weekly cybersecurity tips, guides, and updates delivered straight to your inbox. No spam, just practical advice to keep you safe online.

We respect your privacy. Unsubscribe at any time.