Part of a Data Breach… Now What?

Data breaches continue to place personal information at risk on a daily basis, learn about important steps to take to protect your data from being compromised before and after a breach.

Last summer Capital One made national headlines due to their absolutely massive data breach that exposed the personal data of more than 100 million customers. To make matters worse, the breach initially happened in March and April of 2019, but Capital One was not aware of the problem until mid-July of that year. In addition to consumers and the press, the breach drew the ire of regulatory bodies with all asking the main question… what’s next? Nearly one year later the bill is due in the form of a civil penalty of $80 million (which is large, but still nowhere near the estimated $575 to $700 million dollar Equifax data breach settlement) and continued regulatory oversight from the federal government.

The reality is, this probably isn’t the first time personal data was stolen and it won’t be the last. Capital One joins other major companies including Yahoo, Equifax, and Intel who have reported major data breaches within the last few years and at this point breaches are not a matter of it, but when.

With this in mind, our cybersecurity team shares best practices you can take to protect yourself from becoming a victim of fraud or identity theft before or after a data breach. There are two practical things you can do to prevent yourself from being a victim as a result of a data-breach. They are using unique passwords for all your logins and protecting your credit.

Password Security

Let’s start with passwords. It is critical to use unique passwords for all of your accounts. Why? One of the first things a criminal does when they steal a password is to see where else it works. This is known as “credential stuffing” and is how attackers take the compromise of one account and find ways to increase their earning potential. Does this email address and password I stole also login to Netflix, Chase, PNC, Amazon, etc? If it does, that is another one that can be listed for sale on a criminal website. $5 for a valid Netflix doesn’t seem like a lot of money, but if you are selling thousands of them that adds up, and you didn’t even have to attack Netflix. There is one way to prevent credential stuffing, that is to simply use a unique password for all of your accounts and no, you don’t need to have some kind of formula or remember all of them in your head.

Managing unique passwords for all your accounts is easily and securely performed using a password manager, such as LastPass or 1Password, which are the two most recommended by security professionals. Password managers are apps that will set strong random passwords for all your accounts, so you don’t have to remember them and if one site gets hacked the compromise stops there. You just need to remember one strong password for the password manager that is used to protect your passwords (If you are forgetful, make sure to enable the account recovery option and consider storing the password or recovery key in a safe or safe deposit box). Most password managers support biometrics, so accessing and auto-filling your passwords on your mobile device is as simple as doing a face unlock or fingerprint. Web browser plugins allow password managers to be easily used on your computer. In most cases, once you configure the password manager for a site (a task most do automatically as you login or create a new account), it will fill in your login credentials for you when you need to login again.  If you used the same password for an account that was breached anywhere else, make sure to change that password everywhere it was in use. If that is the case, what a great time to start using a password manager.

To get more rapid notification of a potential breach that involved your email addresses, consider using the free service, which will send you an email alert if they find your email address tied to any breaches as they become known.

Credit Protection

Protecting your credit against fraud from cyber or other attacks isn’t too complicated. Make sure to review your credit card and bank statements every month and call the bank if you see unusual activity. In addition to monitoring you credit activity, freezing your credit is a strong and cheap protection. Go to the three major credit reporting agencies, Experian, TransUnion and Equifax and freeze your credit with all of them. This can be done online or via phone and at the most costs around $5 per agency. If your credit is frozen and somebody attempts to open a credit card in your name, they will be denied. The downside of this, is that you will need to unfreeze or thaw your credit whenever you apply for a new credit card, get a mortgage or etc. so make sure to do that a couple days before you submit any credit applications.

Credit monitoring services are advertised all the time and are often provided for free if you are involved in a data breach, but they only detect fraud after it happens. It is much better to prevent it than have to recover from it, but many of the credit monitoring services do provide insurance or help in dealing with fraud you do encounter, so they are worth considering.

Simply doing the two things outlined in this article, creating unique passwords for all your accounts and protecting your credit will greatly increase your defenses against cybercrime.

Lessons from the Frontlines

The Schneider Downs cybersecurity team continues to see these types of attacks from both sides – defending clients who have fallen victim, and proactively providing offensive security testing (penetration testing or ethical hacking) to show firsthand how an attack could happen – and most importantly, how to prevent attacks. Attackers are better than ever at performing their attacks and turning them into money. They slip in via a phishing email, slowly or quickly gain full control of the network and then lock everything up before IT or the security team knows what hit them. With recent attacks we have seen a newer trend where the attackers get a ransom, but also steal data for resale, which may quickly become the new norm.

Our team is well equipped to help organizations proactively improve their security, going beyond compliance standards and testing the real impact an attacker can have on their networks. Our defensive team has helped numerous clients recover from the direst of cyber-attacks, the worst of which required rebuilds of essentially every system on the network. We also tune any number of defensive security products to better and more accurately detect the latest attack techniques.

About Schneider Downs Cybersecurity

The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. For more information, visit or contact the team at [email protected]

In addition, our Incident Response Team is available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident. 

You’ve heard our thoughts… We’d like to hear yours

The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at [email protected].

Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.

© 2022 Schneider Downs. All rights-reserved. All content on this site is property of Schneider Downs unless otherwise noted and should not be used without written permission.

our thoughts on
Apache Log4j Vulnerability Update – Remediation Tools and Patches
Apache Log4j Vulnerability Update – CISA Issues Emergency Directive
Apache Log4j Vulnerability Update – Government Responses and Ransomware Activity
HR Management Software Provider Kronos Hit by Ransomware
Apache Log4j Vulnerability Update
Navigating the Digital Transformation Roadmap
Register to receive our weekly newsletter with our most recent columns and insights.
Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.

Ask us
contact us

This site uses cookies to ensure that we give you the best user experience. Cookies assist in navigation, analyzing traffic and in our marketing efforts as described in our Privacy Policy.