What to Do After a Data Breach

Wireless carrier T-Mobile said in a filing January 19 with the Securities and Exchange Commission that a “bad actor” had gained access to the data of 37 million customer accounts. This is the company’s second major data breach in two years. 

According to the SEC filing, T-Mobile discovered the data breach on January 5 and was able to trace the source of the breach and stop it within a day. Although the data that were accessed didn’t include customer payment information or Social Security numbers, they did include names, billing addresses, emails, phone numbers, birthdates and T-Mobile account numbers.  

A 2021 cyberattack against T-Mobile impacted 76.6 million customers, and the company agreed to pay $350 million to settle customers’ claims. It also agreed to spend $150 million to improve its cybersecurity. In its January 19 filing with the SEC, T-Mobile claimed it has made progress on enhancing its security. However, the most recent breach that T-Mobile discovered on January 5 actually started on November 25, according to the SEC filing. So it went undetected for more than a month. 

If you are a T-Mobile customer, you should take action immediately to protect your personal information. Even if you weren’t impacted by this data breach, there’s the possibility your data could have been compromised at some point by a breach that wasn’t publicized. 

“We’ve had thousands of breaches and leaks. You’ve had billions of pieces of information released,” says cybersecurity expert Adam Levin, co-host of the What the Hack with Adam Levin podcast. “The information is out there, and a great deal of it is for sale on the dark web. We’re living in a cyber siege state because we are under constant attack.” 

That’s why it’s important to know what steps to take after a data breach.

Step 1: Find out if your accounts have been compromised

T-Mobile said in its SEC filing that it has started contacting customers about the breach. If you are a T-Mobile customer and haven’t been notified yet, that doesn’t mean you weren’t impacted. The company is still investigating the breach and could continue to contact customers.

Because data breaches happen at large and small companies all of the time, it’s a good idea to frequently check if your data has been leaked by using a free service such as Carefull’s Radar scan. 

Step 2: Change account passwords

T-Mobile claims that customer passwords weren’t compromised by the recent data breach. However, it’s always a good idea to change your account password after a data breach. If you used the same password for other accounts, you’ll need to change those passwords, too. 

Consider using a password manager to generate strong, unique passwords for you. For example, account, credit and identity monitoring service Carefull offers a digital Vault that includes a password generator and stores passwords with military-grade encryption. 

Also, consider getting additional email addresses to segment accounts in order of priority and sensitivity, Levin says. For example, you could use one email address for retail accounts and a different one for financial accounts. Because your email address often is part of your account login credentials, thieves might be able to use it to access your accounts (especially if you don’t have a strong password). Having more than one email account can help lower this risk.

[ See: How to Protect Your Account Passwords ]

Step 3: Use multi-factor authentication

In addition to using strong passwords, Levin recommends getting an extra layer of protection by setting up multi-factor authentication on your accounts. Opt to receive a text message with a code to enter in addition to your username and password when logging into your accounts. 

Better yet, consider downloading an authentication app to use as your multi-factor verification method. Free authentication apps such as Duo Mobile and Google Authenticator create unique passcodes that you’ll need in addition to a password to log into your account and can be an even more secure option than text message codes..

Step 4: Freeze your credit

Keep thieves from using your personal information to open new accounts in your name by freezing your credit. A credit freeze blocks access to your credit reports and sends a message to lenders that they shouldn’t extend new credit in your name because you’re potentially a victim of identity theft. “It should let you sleep a little easier at night,” Levin says.

It’s free and easy to place a freeze on your credit reports at all three of the credit bureaus.You can lift the freeze if you need to apply for credit.  

• Equifax security freeze
• Experian security freeze
• TransUnion credit freeze
  ‍

Step 5: Monitor your accounts, credit and identity

After a data breach, it’s critical to monitor your accounts for unusual activity, Levin says. That’s because not only do the hackers who breached a company’s database have access to your personal and account information, but also they can sell that information on the dark web to other thieves. 

To make it easier to keep constant tabs on your accounts, Levin recommends setting up alerts to be notified of activity on your accounts. To get more comprehensive monitoring, consider a service such as Carefull. It monitors bank, credit and investment accounts 24/7 for unusual transactions, signs of fraud and money mistakes. 

Carefull also provides credit and identity monitoring and up to $1 million in identity theft insurance. Plus, it has Care Agents who can walk you through the steps to take to recover your identity if you become a victim.

Step 6: Install a spam blocker

T-Mobile customers’ phone numbers were accessed during the latest data breach. With this information, Levin says thieves can launch smishing attacks—text messages that aim to steal people’s personal information and money. So be careful not to click on links in any text messages you receive, even if they appear to come from a reputable company. Instead, contact the company directly to see if there are issues with your account. 

Scammers also can use phone numbers to make spam calls. Cut down on the number of these calls you receive by installing a spam blocker. In addition to account, credit and identity monitoring, Carefull provides spam blocking assistance. Members can select their phone provider and device type and be automatically sent a link to install their provider's preferred spam call blocking application. 

Step 7: Watch out for phishing attacks

Because hackers got access to email addresses in the T-Mobile data breach, there likely will be an increase in phishing attacks, Levin says. Be on the lookout for emails that appear to come from legitimate organizations and prompt you to click on links. Those links could include malware or take you to fake websites, where you’ll be prompted to provide your personal or account information.  

To protect yourself, don’t click on any links or attachments in emails—even if those emails appear to come from a trusted source. Contact the company or organization directly to see if it was trying to reach. And if you received an email from friends with a link or attachment, call them to see if they actually sent you an email. Their computer or email could have been hacked, and the hackers could be using their email address to send scam emails.  

Bottom line

The best way to protect yourself against data breaches is to be proactive. You should have protections in place already, Levin says. Don’t wait for a data breach to occur to take the steps listed above. 

[ Keep Reading: What to Do When Your Identity Is Stolen ]‍