What should I do immediately after a data breach affecting my accounts?
Change your password for the breached service immediately, check whether the same password was reused elsewhere, enable two-factor authentication, and monitor your credit for unusual activity.
Last reviewed: 10 June 2026
Explanation
When a company you use suffers a data breach, the exposed information — which can include email addresses, passwords, phone numbers, and sometimes financial data — is often sold on criminal marketplaces and used to attack your other accounts within hours. The speed of your response matters: attackers run automated credential-stuffing scripts that try breached username-and-password combinations across hundreds of sites within minutes.
The first action is to change your password on the breached service. If you used the same or a similar password anywhere else, change those too. This is why password reuse is so dangerous — one breach becomes many if you have shared credentials. A password manager both highlights where you have reused passwords and makes replacing them fast.
Enable two-factor authentication on the breached account and on any account that shared the same password or that is linked to the same email address. If financial information was exposed — credit card numbers, bank account details, or Social Security/National Insurance numbers — contact the relevant financial institutions immediately and ask for new card numbers or account numbers.
For high-severity breaches involving SSN, date of birth, or government ID numbers, place a credit freeze with all three major bureaus (Equifax, Experian, TransUnion in the US). A credit freeze is free and prevents new accounts from being opened in your name without your explicit action to lift the freeze. Check your existing accounts for any transactions you do not recognise and set up credit monitoring alerts. Visit the breached company's notifications page for specifics about exactly what data was compromised.
Common red flags
- Email from a service saying your account was involved in a security incident
- Password-reset requests arriving that you did not initiate
- New credit accounts appearing on your credit report you did not open
- Login attempts from unfamiliar locations in your account security log
- Notifications from haveibeenpwned.com that your email appears in a breach
- Unexpected charges on linked payment methods
What to do now
- Change your password on the breached service immediately
- Change passwords on every other account that shared the same password
- Enable two-factor authentication on the breached account and related accounts
- If financial data was exposed, contact your bank and card issuers for replacement numbers
- Place a credit freeze with Equifax, Experian, and TransUnion if SSN or ID data was breached
- Set up free credit monitoring via annualcreditreport.com and sign up for breach alerts at haveibeenpwned.com
Frequently asked questions
How do I freeze my credit and does it cost anything?
In the US, placing a credit freeze is free at all three major bureaus since 2018. Visit each bureau's website directly (Equifax, Experian, TransUnion) or call their freeze hotlines. You can lift the freeze temporarily when you apply for credit and refreeze afterward.
Is it worth monitoring my credit after a breach?
Yes. Identity thieves may not use your information immediately — some stolen data is held for months before being exploited. Free tools like Experian's free tier or credit-card-provided monitoring are worth enabling after any breach involving personal information.
The breach happened two years ago. Is it still risky?
Yes. Stolen data is resold repeatedly and used long after the original breach. If you have not already taken the steps above — password change, 2FA, credit freeze — do them now.