Your data has been breached, now what?

If you’ve recently been notified of a data breach, now’s the time to take action.

Data breaches don’t always result in identity theft, but once your data is out there, it may be easier for thieves to use your personal information to file taxes, open accounts, or make purchases. In other words, you may be more vulnerable.

According to the Identity Theft Resource Center, 3,205 data breaches occurred in 2023 (an increase of 78 percent from 2022), which impacted over 300 million people.

So, if you've been affected, you're not alone – and we can help you take proactive steps to protect yourself. 

3 steps to take after any type of data breach

With breaches happening so frequently, it’s easy to feel exhausted and overwhelmed, but it’s important to resist “breach fatigue.” 

Take these simple security measures after any type of data breach: 

• Change your login credentials. Even if your full credentials weren’t leaked, it’s best to change the password on your breached account, and any other accounts that use the same credentials. Create a new password that’s long, complicated, and unique (a password manager can help). Also, turn on two-factor authentication (2FA) if you haven’t already. 

• Stay alert. If your contact information falls into the wrong hands, it could open the door to phishing emails, calls, and texts — which can lead to fraud. Be cautious with unsolicited messages and think carefully before clicking links or sharing your personal information. 

• Freeze or lock your credit. Consider freezing or locking your credit if crucial information, such as your Social Security number, was exposed in a data breach. Both options help prevent someone else from opening a line of credit in your name. A credit freeze is a good option if you want the highest level of protection and don't mind the extra step of contacting each bureau to freeze or unfreeze your credit. Credit locks are ideal if you need to apply for new credit frequently and want to lock and unlock your credit easily.   

What to do if your financial information was exposed in a data breach

When a data breach involves a financial account, the fallout can be serious and long-lasting. For example, thieves who have stolen names and bank account credentials could use that information to not only take over a victim’s existing account, but also to open additional accounts in their name. 

So, it’s smart to take the following steps right away:  

• Notify your bank of possible fraud. Call your financial institution and explain what happened. From there, your bank may cancel your credit card and issue you a new one or sign you up to receive fraud alert notifications.   

• Monitor your financial statements. Carefully review any statements related to the breached account and look for unexpected charges. You should report or dispute any such charges with the financial institution. 

If you’re a member and identity theft does occur, we’ve got you covered

If you’re an Allstate Identity Protection member and you experience identity theft after a data breach, we’re here for you.

In many cases, our certified specialists can handle the most tedious remediation tasks, such as making phone calls and working with third parties to resolve the theft.

Plus, we can reimburse^† many of the out-of-pocket costs associated with identity theft. But whether you use our service or not, we hope you’ll take the necessary steps to protect yourself and your loved ones. It can take hundreds of hours to resolve identity theft, but it only takes a few minutes to change a password.