Uh oh — you’ve been hacked! Finding out someone has cracked open your accounts and helped themselves to your information can be alarming, but there are ways to mitigate the damage while jump-starting your recovery process. Here are five steps to take after being hacked.
1. Assess the damage
First, take a step back and determine how much damage was done. Unfortunately, one hacked password can often be the gateway to multiple hacked accounts and even complete identity theft. This is especially true if you use the same password for several accounts or use the hacked account or device for password recovery on other accounts. So, first things first: Review your credit card and account statements for any suspicious activity. Also, try accessing your email, social media accounts, and mobile devices to see if they’ve been hacked.
2. Change your passwords
Once you know which accounts and devices have been hacked, change the passwords and PINs on these accounts. For an added measure of protection, it’s a good idea to change the passwords on all of your accounts that may hold sensitive information. Remember to choose strong, unique passwords for every account. A strong password uses a combination of letters, numbers, and symbols; varies the use of capital letters; and does not use a piece of personal information that can easily be scraped off the internet, such as your date of birth or home address.
3. Protect your credit
Now that you’ve blocked the hacker(s) from your accounts, it’s time for damage control.
- First, dispute any fraudulent charges on your compromised account(s). If necessary, have the account(s) locked or even shut and/or deleted.
- Next, place a fraud alert on your credit reports. This serves as a red flag to potential lenders and creditors, making it more difficult for the scammer to open up additional lines of credit or to take out a loan in your name.
Consider a credit freeze as well. This blocks potential lenders from accessing your credit report, making it impossible for the hacker to open new credit accounts in your name.
4. Alert the authorities
You can alert the Federal Trade Commission (FTC) about a possible or confirmed identity theft at identitytheft.gov. You’ll also find a detailed recovery plan on the site to help you repair your credit and reclaim your identity. Hacking is usually done remotely, but it’s still a good idea to let your local law enforcement agencies know about the breach. This way, they can be on the alert if the hacker decides to assume your identity and use your credit cards in stores near your hometown. Also, if you haven’t already done so, don’t forget to let SFCU know what’s happened! Whether it’s a credit card that’s been stolen, a checking account that’s been breached, or a social media account that’s been broken into, we’ll do all we can to protect your accounts. If you’ve been hacked, give us a call at to see how we can help.
5. Proceed with caution
Once you’ve taken all the necessary steps toward damage control and mitigation, you can start thinking about the future. It’s important to keep a close eye on your accounts for the next month. Look out for any suspicious activity on all accounts, including charges you don’t recall making, large withdrawals of cash, and even new loans being opened in your name. If you find any fraudulent activity, be sure to let the account holders know and follow the steps suggested above. If you’ve opted to go with a credit freeze, it will generally lapse after 90 days. If your accounts are determined to be safe, consider opening new lines of credit now to jump-start the recovery of your credit health.
If the hacker went all out and stole your identity, it’s best to follow the recovery plan outlined by the FTC. This plan may include replacing your Social Security number, driver’s license, and more. Getting hacked is never fun, but taking immediate and decisive action can help mitigate the damage, as well as speed up the recovery process.