Recommended Actions After a Potential Compromised Account
Modified on: Mon, Mar 10 2025 3:55 PMBTech |
|
BTech Alerts & Notifications - Check this page for the latest information on emergencies and system outages. All times are Pacific. | |
Cybersecurity Information |
If you suspect that one of your accounts has been compromised, taking immediate action is crucial to protect your personal information and prevent further damage.
Here are some steps you can take that will mitigate the usefulness of data the attackers may have found while they had access to your computer:
-
Secure your Accounts
-
Change Passwords:
Immediately change the password for the compromised account.
Choose a strong, unique password that includes a combination of letters, numbers, and special characters.
Avoid using easily guessable information like birthdates or common words.
Treat every password in your life as if it has been compromised.
Change every password you have for ALL websites and set up Multi-factor Authentication (MFA) wherever possible.
Make sure that you do not re-use any similar passwords.
Every site should have a unique password.
Consider using a password manager (eg. Lastpass, onepass, etc) to make passwords easier to manage.
-
Enable Multi-Factor Authentication (MFA):
If the compromised account supports it, enable multi-factor authentication for an extra layer of security.
This typically involves receiving a code on your phone or email that you need to enter along with your password when logging in.
-
-
Notify your Contacts
-
Notify Friends, Family, and Business Contacts as needed:
Contact friends and family and warn them that someone may try to contact them or impersonate you.
Recommend they call you to confirm information rather text/email etc.
-
Established contacts can become the next target.
-
-
Check Accounts and Available Data
-
Check your Accounts for any Personal and Confidential information (such as address, CC #, SSN):
Check files/email for any information that could be used in a scam or to scam people you know (financial info or personal info).
-
If you find anything a bad guy might use to impersonate you with a business or financial partner, contact any other parties to let them know of the situation and ask what can be done to protect yourself.
-
Check Other Accounts:
If you use similar passwords across multiple accounts, consider changing the passwords for those accounts as well.
It's a good practice to use unique passwords for each account to minimize the risk of multiple accounts being compromised if one is breached.
-
-
Monitor Accounts and Activity
-
Review Account Activity:
Review the recent activity on the compromised account to identify any suspicious actions, unrecognized devices, or unauthorized access.
Most online services provide a feature that allows you to view recent login attempts and activity.
If you find anything suspicious, log out of all active sessions and revoke access to any unauthorized apps or services.
-
Monitor Financial Statements:
If the compromised account is linked to any financial accounts or payment methods, monitor those accounts closely for any unauthorized transactions.
Report any suspicious activity to your bank or financial institution immediately.
-
Monitor your credit for unauthorized activity.
In the event the bad actors got hold of financial information consider contacting all financial organizations and insurance companies you partner with and let them know your personal information may have been compromised and ask what they recommend to protect yourself against Identity Theft.
-
-
Contact Customer Support:
If you suspect that your account has been compromised, contact the customer support team of the service or platform associated with the account.
They can provide guidance on next steps and may be able to assist in securing your account.
-
Contact the three major credit agencies (see below) and consider putting a freeze on your credit and ask for recommendations.
-
Major credit agency contact info:
Equifax
(866) 349-5191
P.O. Box 740241
Atlanta, GA 30374Experian
(888) 397-3742P.O. Box 2002
Allen, TX 75013TransUnion
800) 888-42132 Baldwin Place
P.O. Box 1000
Chester, PA 19016
-
Major credit agency contact info:
-
Protect and Educate Yourself
-
Consider Identity Theft Protection:
- Depending on the severity of the compromise and the information involved, you may want to consider enrolling in an identity theft protection service to monitor for any signs of fraudulent activity using your personal information.
-
Educate Yourself:
- Take this opportunity to educate yourself about common cybersecurity threats and best practices for protecting your online accounts.
- Stay informed about the latest security measures and updates from the services you use.
- Review the tips provided by the Federal Trade Commission's Consumer Information website, a valuable resource with some helpful tips on how to protect your information.
- Additional information is available at https://www.consumer.ftc.gov/topics/privacy-identity-online-security
- View the tips listed here: https://www.identitytheft.gov/#/Info-Lost-or-Stolen
-
Stay Vigilant:
- Even after taking these steps, remain vigilant about your online security.
- Regularly update your passwords, enable security features like MFA whenever possible, and be cautious about clicking on links or downloading attachments from unknown source
-
Scan for Malware:
-
Run a full scan of your device using reputable antivirus or anti-malware software to check for any malicious software that may have contributed to the compromise.
-
-
Consider Identity Theft Protection:
By taking these proactive measures, you can help minimize the impact of a compromised account and reduce the risk of future security incidents.