What To Do After Identity Theft or a Stolen Personal Data Incident
Comprehensive steps to protect yourself and limit damage after your personal data — name, address, NI/SSN, or documents — has been stolen or misused.
Last reviewed: 1 June 2026
First 10 minutes
- Place a fraud alert with at least one major credit reference agency (Experian, Equifax, TransUnion) — they are required to notify the others
- Change passwords for your email, banking, and any account linked to the compromised data
- Enable two-factor authentication on email and banking if not already active
- Note down exactly what data was compromised (name, date of birth, address, NI/SSN, passport, payment details)
- Screenshot any notifications, breach alerts, or messages that indicate how the theft occurred
First 24 hours
- Consider placing a full credit freeze (also called a security freeze) with each credit reference agency to prevent new credit being opened in your name
- Review your credit report for any accounts or enquiries you do not recognise
- Report to your national fraud reporting service and, if a government document was stolen, to the relevant issuing authority
Contact your bank or payment provider
- Notify your bank and ask them to flag your account for unusual new credit applications or address changes
- Request replacement cards if your card details were part of the compromised data
- Check all linked payment services and subscriptions for unauthorised changes
Evidence to preserve
- Any notification emails, breach alerts, or letters confirming the incident
- Credit report copies showing your baseline before any fraudulent accounts appear
- Records of any suspicious accounts, applications, or transactions already identified
Secure your accounts and devices
- Use a password manager to generate unique, strong passwords for every account
- Audit which services store your compromised personal data and tighten privacy settings where possible
- Set up alerts for new credit applications, address changes, or electoral roll changes in your name
Report it
- Report to your national fraud/cybercrime service
- Report to the platform, bank, or provider involved
- Keep any reference numbers you're given
Identity theft recovery is a marathon, not a sprint. The most important early actions are the credit freeze (which prevents new accounts being opened in your name) and securing your email (which is often the master key to all other accounts). Do both before spending time on less urgent steps.
Keep a written log of every action you take, every report reference number you receive, and every contact with banks, agencies, and authorities. This record is invaluable if you later need to dispute a fraudulent account or application, or if law enforcement needs your evidence.
Frequently asked questions
What is the difference between a fraud alert and a credit freeze?
A fraud alert asks lenders to take extra steps to verify your identity before approving new credit — it is less disruptive but easier to bypass. A credit freeze locks your credit file entirely so new credit cannot be opened in your name at all. A freeze is the stronger protection and is recommended after a significant data compromise.
My passport or driving licence details were stolen — what should I do?
Report to the issuing authority (HMPO for UK passports, DVLA for driving licences, the relevant consulate for other documents). In the US, report a stolen passport to the State Department and a stolen SSN to the Social Security Administration. Flag the theft with police so you have a report number if the document is misused.