What to Do After a Data Breach: A Complete Response Guide

Receiving a data breach notification letter is unsettling. Whether it is the recent 700Credit breach affecting 5.8 million people or any of the countless other breaches that occur each year, learning that your personal information has been exposed to criminals is alarming. However, taking prompt and decisive action can significantly reduce your risk of becoming a victim of identity theft or financial fraud.

This guide provides a step-by-step response plan for data breach victims. Whether your Social Security Number, credit card information, medical records, or login credentials were exposed, you will learn exactly what to do to protect yourself and minimize potential damage.

First 24 Hours: Immediate Actions

The hours and days immediately following a breach notification are critical. Here is what you should do right away:

Verify the Breach Notification is Legitimate

Before taking any action, confirm that the breach notification is real. Criminals often send fake breach notifications as phishingPhishing🛡️A social engineering attack using fake emails or websites to steal login credentials or personal info. attacks. Verify by visiting the company's official website directly (do not click links in the email or letter) and looking for breach announcements. You can also call the company using a phone number from their official website.

Understand What Was Exposed

Different types of exposed data require different responses. Review the breach notification carefully to understand exactly what information was compromised:

Social Security Number: Highest risk—enables identity theft and fraudulent credit applications

Date of birth + name + address: High risk—often used with SSN to open accounts

Financial account numbers: High risk—requires immediate account monitoring

Login credentials: Medium risk—change passwords immediately

Email address only: Lower risk but expect increased phishing attempts

Enroll in Offered Protection Services

Most breach notifications include an offer of free credit monitoring or identity protectionIdentity Protection🛡️A Microsoft Entra IDMicrosoft Entra ID🛡️Microsoft's cloud-based identity and access management service (formerly Azure Active Directory), providing authentication, SSO, and security features for Microsoft 365Microsoft 365🌐Microsoft's subscription-based cloud productivity suite including Office applications, Exchange Online, SharePoint, and Teams. and other applications. Premium feature that uses machine learning to detect risky sign-ins and user behaviors, automatically enforcing remediation like MFA challenges or password resets. services. Enroll immediately—these services typically have enrollment deadlines. For example, 700Credit is offering 12 months of TransUnion identity protection with a 90-day enrollment window. Even if the offered service is not the most comprehensive available, it provides an immediate layer of protection at no cost.

Protecting Your Credit

If your Social Security Number was exposed (as in the 700Credit breach), protecting your credit should be your top priority. Criminals use stolen SSNs to open fraudulent credit accounts, take out loans, and commit tax fraud.

Place a Credit FreezeCredit Freeze📖A security measure that restricts access to your credit report, preventing creditors from viewing it and effectively blocking the opening of new credit accounts in your name.

A credit freeze (also called a security freeze) is the most powerful protection against identity theft. When you freeze your credit, potential creditors cannot access your credit report, which prevents anyone—including you—from opening new credit accounts. You must freeze your credit at all three major bureaus:

Equifax: equifax.com/personal/credit-report-services/credit-freeze/

Experian: experian.com/freeze/

TransUnion: transunion.com/credit-freeze

Credit freezes are free by federal law. When you place a freeze, you will receive a PIN or password that you need to temporarily lift (thaw) the freeze when you legitimately want to apply for credit. Keep this PIN in a safe place.

Consider a Fraud Alert

A fraud alert is less restrictive than a credit freeze. It requires creditors to verify your identity before opening new accounts but does not block access to your credit report. You only need to place a fraud alert at one bureau—they are required to notify the other two. An initial fraud alert lasts one year and is free.

If you have already been a victim of identity theft, you can place an extended fraud alert that lasts seven years. This requires a police report or FTC identity theft report.

Review Your Credit Reports

Request free copies of your credit reports from AnnualCreditReport.com—the only official site for free credit reports. Review each report carefully for:

Accounts you do not recognize

Hard inquiries from unfamiliar companies

Addresses where you have never lived

Names or aliases you do not use

If you find fraudulent activity, dispute it with the credit bureau immediately and file an identity theft report with the FTC at IdentityTheft.gov.

Protecting Your Financial Accounts

Beyond credit monitoring, you should take steps to protect your existing financial accounts:

Set Up Account Alerts

Enable real-time alerts for all your bank accounts and credit cards. Most financial institutions allow you to receive notifications for transactions above a certain amount, any international transactions, any online purchases, or any card-not-present transactions. These alerts help you catch fraudulent activity immediately.

Review Statements Carefully

Check your bank and credit card statements weekly for the first few months after a breach. Look for small test charges—criminals often make small purchases first to verify a card works before making larger fraudulent purchases. Report any unauthorized transactions to your financial institution immediately.

Update Passwords

If login credentials were exposed, change your passwords immediately—not just for the breached service but for any other accounts where you used the same or similar passwords. This is a good time to adopt a password managerPassword Manager🛡️Software that securely stores and auto-fills passwords, generating strong unique passwords for each account. and enable two-factor authentication on all accounts that support it.

Protecting Against Tax Fraud

When your SSN is exposed, tax fraud becomes a significant risk. Criminals file fraudulent tax returns using stolen SSNs to claim refunds. To protect yourself:

File your tax return as early as possible each year

Request an Identity Protection PIN (IP PIN) from the IRS at irs.gov/ippin

Monitor your IRS account at irs.gov/account for any unexpected activity

If you receive an IRS notice about a tax return you did not file, respond immediately and follow the IRS identity theft procedures.

Watch Out for Targeted Phishing

After a data breach, expect an increase in phishing attempts. Criminals may use the exposed information to craft convincing scams. They might:

Impersonate the breached company offering "help" or "compensation"

Send fake breach notifications to steal more information

Call pretending to be from your bank warning of "suspicious activity"

Send personalized emails using your exposed personal details to seem legitimate

Always verify the identity of anyone contacting you about the breach. Legitimate companies will not ask for sensitive information via email or unsolicited phone calls.

Long-Term Protection

Data breach exposure requires ongoing vigilance, especially when sensitive data like Social Security Numbers is involved. Unlike credit card numbers that can be replaced, your SSN follows you for life. Implement these long-term protective measures:

Keep credit freezes in place when not actively applying for credit

Review your credit reports at least annually (quarterly is better)

Consider keeping identity monitoringIdentity Monitoring📖Services that continuously watch for signs that your personal information is being misused, including monitoring credit reports, dark web activity, and public records. services beyond the free period

Use a password manager and unique passwords for every account

Enable two-factor authentication wherever available

Quick Response Checklist

Use this checklist to ensure you have taken all necessary steps:

Verify the breach notification is legitimate

Identify what data was exposed

Enroll in offered identity protection services

Place credit freezes at all three bureaus (if SSN exposed)

Review your credit reports for suspicious activity

Set up account alerts on financial accounts

Change passwords if login credentials were exposed

Request an IRS IP PIN before tax season

Stay vigilant for phishing attempts

Key Takeaways

Discovering your personal information has been exposed in a data breach is stressful, but prompt action can significantly reduce your risk. Remember:

Credit freezes are your most powerful tool against identity theft—they are free and effective.

Always enroll in offered protection services before the deadline expires.

Be extra vigilant for phishing attempts following a breach.

Long-term monitoring is essential, especially when SSN exposure is involved.

Keep Learning

What is API Security? — Understand the technical vulnerabilities that enable data breaches like 700Credit.

Understanding Third-Party Risk — Learn how vendor relationships can expose your data to breaches.

What is Two-Factor Authentication? — Add an extra layer of protection to your accounts.