Have You Received a Breach Notice?

When someone notifies you that your network has been breached, you feel powerless. You get an email or phone call from a business saying someone breached your data. It happens all too often today.

Here at IT Support LA, we’ve had numerous occasions when either we or one of our clients has received a scam email. They typically come from users who have had their email hacked and we happen to be in their address book when the hackers send out phishing emails to everyone.

Many businesses, from banks, online sites like Facebook, to ecommerce stores data suffer data breaches. Governments are certainly not immune to these attacks, which can leave important Personally Identifying Information (PII), like your address, SSN, and credit card details exposed to thieves.

Like it or not, even with the best cybersecurity, you have little control over your business getting hacked, because it’s not a matter of IF, but of WHEN. You do your best to prevent them, but they happen. There are important steps you can take afterwards. We’ve outlined the most important things to do below. These steps can help you mitigate the financial losses.

Change Your Passwords

This is the very first entry in the ‘DUH’ file of things you need to do. Change the password for the service that sent you the breach notification first. Then, change it for any logins using the same password - if you have disregarded the notion that EVERY login should have its own, unique password.

It is absolutely a best practice to use unique logins for every site. Many people get in the habit of using the same password in several places. This leaves more than the single breached login at risk. Use a password manager to help you create strong passwords. You only need to remember the login for the password manager to access all the others.

Adopt Multifactor Authentication (MFA)

We can’t say this enough. Multifactor authentication is a crucial tool to keep accounts secure, even if a hacker stole the password. Enable MFA it for the breached service. Then, ensure you have MFA activated for all other logins, where possible. MFA is also called two-factor authentication or two-step verification.

Common forms of MFA are:

Text message

Authentication app

Security key

Quickly Check Your Banking Activity

If you have had a breach of payment card data, check your bank accounts for any unauthorized activity. You’ll want to watch these for several weeks for fraudulent charges. Report the breach to your bank to have them issue you a new card, if needed.

Make sure to notify your bank about the 3rd party data breach. This can help keep you from being held responsible for fraudulent charges. It’s good to get out ahead of it. Your bank can then help you with appropriate steps to avoid fraud.

Immediately Freeze Your Credit

Online criminals will often sell breached personal details. These details can enable someone to take out credit in your name. Contact the three credit agencies. They each have ways to freeze your credit to protect you. You can do this right on their websites.

The three credit agencies are:

Equifax

Experion

TransUnion

Examine the Breach Notification

Understanding exactly how the data breach may impact you is important. Review the notice you received. Additionally, look for updates on the notifying company’s website.

These are the things you should be looking for:

The type of data exposed (passwords, card numbers, etc.)

What reparations the company is making (e.g., credit monitoring)

Any instructions given to secure your account

Regularly check the company’s website. Often, they don’t immediately know how far reaching the breach is. You may check back later and find out other types of sensitive data were exposed.

Establish Top-Notch Cybersecurity Protections

There are some simple tools you can use to make sure you protect your device and network and beef up personal device security. These include:

A good antivirus/anti-malware program

DNS filtering to block malicious sites

Email spam filtering for phishing

Using a Virtual Private Network (VPN) is another good protection. This helps mask your traffic and encrypts your communications. It is especially helpful if you’re using a public Wi-Fi. VPNs are easy to use. You can use VPNs for both computers and mobile devices.

ALWAYS Look for Phishing Scams

Data breaches often expose email credentials. This means you may receive an uptick in phishing emails. Phishing has become much more convincing since criminals have adopted AI for crafting these scam emails. Phishing emails often are hard to spot from the real thing.

Stay ultra-aware of any unexpected emails. Follow best practices to avoid becoming a phishing victim:

Hover over links to see the full sender’s address.

Go to websites directly. DO NOT click links in an email or SMS.

Be suspicious of unknown senders.

Watch for phishing on social media and text messages.

When in doubt, double check through an official source

Keep Software & Systems Updated

Unpatched vulnerabilities are the first thing hackers look for and exploit. How do you get unpatched vulnerabilities? Most times it’s from failing to keep software updated.

Update your device operating system. Update all apps or software on your devices. Update firmware for routers and printers. Update firmware for smart devices.

Automating your updates is a good way to stay protected since there are so many updates we need to do with our electronics.

Frequently Asked Questions

Do companies have to notify you of a data breach?

All 50 states, the District of Columbia, Guam, Puerto Rico and the Virgin Islands have laws requiring private businesses, and in most states, governmental entities as well, to notify individuals of security breaches of information involving personally identifiable information (PII).

Can I check to see if my SSN has been compromised?

One good way to check is to visit annualcreditreport.com to receive a free credit report. Contact the Social Security Administration if you think your Social Security number has been compromised and the administration can help review your statements.

What is the deadline for notifying a data breach?

Notice must be made without unreasonable delay, but no later than 60 days following discovery of the breach. Notification is not required if an investigation determines there is no reasonable likelihood of harm to affected individuals.

How do I check to see if someone is using my identity?

Here are some simple ways to check if your identity has been stolen:

Review Your Credit Reports.

Check Your Bank Statements.

Pay Attention to Strange Mail.

Stay on Top of Your Tax Returns.

Check Your Medical Statements.

Review Your Social Security Statements.

How secure is your network?

As a reputable member of the IT Support Los Angeles community since 2002, IT Support LA offers a FREE, no-risk network and security assessment. It is a non-intrusive scan that allows us to deliver a comprehensive report that is yours to keep. No strings, and no obligation to ever use our Managed IT Services.

The best defenses are expert security to protect your data from theft, and a top-notch Managed Services Provider (MSP) to ensure continued reliability and defenses against newly emerging threats.

With our 100% Money Back Guarantee in writing, we offer a risk-free way for prospective clients to try us out. Because we do not require a ‘hard’ contract, our clients can fire us at any time with 30 days’ notice. We have to be good.

Among the Managed IT services we provide:

IT HelpDesk Service
Onsite IT Support
Cybersecurity
Cloud migration and management
Email migration services
Backup and disaster recovery
VoIP phone systems
IT disposition and recycling
Office moves
White label services (IT to IT)

IT Support LA is an award-winning Managed Services Provider (MSP):
o  3 Years awarded Best IT by the Small Business Expo
o  Awarded 2nd best company of any type in the US by the Small Business Expo SB100
o  Awarded Best IT Support in California by Channel Futures
o  Winner of Best IT in Los Angeles by Channel Futures
o  Listed as one of the world’s Top 501 MSPs by CRN and in the top 250 in the   ‘Pioneer’ listing
o  4 years listed as one of the Top 501 MSPs in the World by Channel Futures
o  Listed as #21 MSP in the World in Channel Futures NextGen 101
o  Globee 2021 Bronze Award winner for Chief Technology Officer of the Year
o  Globee 2022 Gold Award winner for Chief Technology Officer of the Year
o  Named one of 2022’s 50 ‘Best’ businesses in California by UpCity
o  Named Best of IT winner by UpCity
o  Winner of Local Excellence Award for 2021, 2022 and 2023 by UpCity
o  Named Best of Cloud Consulting winner by UpCity
o  Certified as Top Managed Services Providers and Cybersecurity Pro by UpCity
o  Named Best IT in Los Angeles by Expertise.com.

Managed IT Services You Can Count On

Managed IT services can keep you protected at work and home. Need help improving device security? We’ll be happy to discuss our options.

Contact us today to schedule a chat about device security and take advantage of our FREE no-risk network and security assessment.

818-805-0909