CONSUMER REPORTS — On April 15, 2019, Consumer Reports’ tech editor, Nicholas De Leon, got alerts saying he had signed up for several credit cards.
“I didn’t know what was happening. I hadn’t signed up for any new credit cards,” said Nicholas De Leon.
Since he hadn’t received a notice about a data breach, Nicholas checked online to see where his personal information was compromised.
“It was scary. It was stressful. And the worst part was that I was on the hook to clean up the mess,” said De Leon
Sometimes, companies will contact you to let you know if you’re the victim of a data breach. But you can also do some digging online yourself to find out what information was compromised.
The website “Have I Been Pwned” will tell you if it’s your email address, phone number, or password.
“If your password was compromised, change it everywhere you used it,” said Bree Fowler of Consumer Reports.
Though convenient, It’s a good reminder not to reuse passwords.. Don’t worry about having to remember new ones–A password manager does that for you. CR recommends one called ONE-Password, which creates and stores complex, unique passwords for each of your accounts.
And since cybercriminals can use your personal information to try to log into your accounts, use something called multi-factor authentication which requires a second form of identification to log in.
“Often, it’s a code sent to your phone. But we recommend using a form that’s more secure than that,” Fowler said.
Like the Google Authenticator app. Or a hardware security key, such as Yubikey. If your Social Security number or financial information was part of a data breach, CR says freezing your credit is a smart option since it restricts access to your credit
history. That’s exactly what Nicholas did after his identity was stolen.