It's hard to imagine a worse response to a data breach than Uber's: The ride-hailing company recently announced that in 2016 the company had a massive data breach in which the personal information of about 57 million users and drivers was exposed—and the company kept the data breach a secret and paid a $100,000 ransom.
"This is not what you do as a company when you know you've exposed the data of 57 million people—you don't pay someone off to make it go away," said Adam Levin, chairman and founder of CyberScout. "You respond urgently, transparently and empathetically."
Here is some insight from CyberScout's experts on how to protect yourself after your information has been exposed in a security incident:
- Review the breached account. Identify what information it contained and what was compromised. Look for unauthorized activity, such as a change in address or telephone number.
- Change all user access credentials. If you use the same passwords for other financial institutions, change them. Watch financial statements—on paper and online—for unauthorized transactions. Be aware of potential email, phone and snail-mail scams. Enable text and email alerts when possible.
- Notify existing creditors of the breach. Consider canceling your cards and getting new ones. Take advantage of issuers’ services that alert you to unusual transactions.
- Place a fraud alert on your credit file. An alert placed with any one of the three major credit bureaus signals to potential creditors that you could be a victim of identity theft.
- Review your credit reports for any unusual activity. Visit annualcreditreport.com, the government-mandated source for free annual credit reports. Investigate suspicious activity and stay on top of it until the matter is resolved. Also, look for signs of fraud in your medical files, on your Social Security statement, in insurance claims, or in public records