It was not a great week for consumers or their personal and payment information. In a matter of days, SIX companies announced that data breaches could have exposed customer data from millions of customers.
First it was Under Armour who admitted 150 million MyFitnessPal accounts were hacked.
Next, it was Panera Bread. Although there is no sign of hacking, millions of customer records associated with their customer loyalty program were potentially exposed.
Then a few days later, Lord & Taylor and Saks Fifth Avenue announced that 5 million customers were impacted by a data breach that included credit and debit card information.
Finally, Sears and Delta airlines said the firm that hosts their user data suffered a data breach. Sears believes that credit card information from 100,000 customers was exposed. Delta isn’t sure how many saying “a small subset” of its customers were impacted.
What can you do?
Given today’s digital world—even if you managed to avoid being impacted this week—it’s never a bad time to review some steps you can take after a breach:
1. Don’t pass up free credit monitoring. The Federal Trade Commission (FTC) recommends taking advantage of free credit monitoring if it’s offered.
2. Change your password(s)—immediately. We’ve talked about it before, and the FTC also recommends taking this simple step.
3. Watch for any suspicious account activity. Keep close tabs on your accounts and report any unusual activity immediately. Tip: If you do spot something odd, save all documentation until the situation has been resolved.
4. Call your bank and credit card companies. Ask to place a fraud alert on any accounts to lock them from any fraudulent activity. A fraud alert lasts 90 days, is free to do, and includes a free credit report. You can find contact information for all the credit reporting companies on the FTC website. You could also request a new credit card number from your bank/credit card company.
5. Look out for scams. If scammers have some of your information, they may attempt email and phone scams to try and get the rest. Here’s how to spot an email scam, and don’t trust your caller ID either. If you haven’t initiated the contact, the FTC advises not providing any information.
6. Consider using an identity recovery service. If you believe you’ve been a victim of identity theft, some companies offer services to help you report and recover. An alternative to a paid service are the free, interactive recovery plans the FTC offers to help you handle the credit bureaus, debt-collectors, the IRS and more.
One more thing: In case you missed it, this week Facebook also said this week that data from up to 87 million people may have ended up in the hands of Cambridge Analytica, the political consulting firm. If you’d like to know how to control what information is shared with legitimate Facebook apps, check out our recent blog.