Data breach response guide

When a company announces a data breach, your information may have been exposed. This guide helps you respond quickly and limit harm.

Step 1: Confirm what was breached

Read the company’s notice and any official communications. Note what was exposed: email, password hashes, name, address, SSN, financial data, or health information. This determines your next steps.

Step 2: Change passwords immediately

If the breach involved account credentials, change your password on the affected service and on any other service where you reused that password. Use a strong, unique password and enable two-factor authentication where possible.

Step 3: Watch for phishing

Breached email addresses are often used for phishing. Be skeptical of emails asking you to log in, verify accounts, or click links. Go directly to the real site instead of using links in email.

Step 4: Secure financial and identity data

If financial data or SSN was exposed, consider placing a fraud alert or credit freeze with the major bureaus. Monitor bank and card statements and your credit report for unauthorized activity.

Step 5: Reduce broker exposure

Breached data often ends up in data broker databases, which are used for marketing and sometimes by bad actors. Removing your information from data brokers reduces the ways your exposed details can be misused. Locko.AI can automate removal across hundreds of brokers so your profile is harder to find and abuse.

Step 6: Document and report if needed

Keep copies of breach notices and any correspondence. If you see identity theft or fraud, report it to the FTC (IdentityTheft.gov) and local law enforcement. Quick action and documentation support both recovery and any future claims.