Have you been in a data breach? Here's what to do next.
If you haven't already, change your account password. You should use a strong and unique password that you don't use anywhere else. If the service supports it, enable two-factor authentication to provide an added layer of security.
Any accounts that share the same email address are at risk, especially if the password is the same or similar. You should use a strong and unique password for accounts that share the same email address, especially for high-value accounts. You should also enable two-factor authentication where supported.
High-value accounts to consider include:
If you suspect that sensitive identifiers, documents or other information may have been exposed, you will need help from the relevant provider. Follow their advice about what to do in the case of a breach. In some cases, this may include invalidating, re-issuing or adding additional security verifications for certain documents, identifiers or services.
If your data is circulating, you may receive a higher volume of spam, phishing emails, scam calls and text messages. If you're unsure about the legitimacy of any particular contact, don't risk it. Instead, call back on the listed number or message the sender through their contact form.