Canadian Security Magazine

What to do if your personal data is breached

By Roger Miller   

Features Data Security identity theft

Image: JuSun / iStock / Getty Images Plus

Almost daily we read news about a data breach that has the potential to affect hundreds of thousands of people — maybe more.

Rarely do we know the true impact to consumers or to the business community in terms of personal data being leaked. If anything is tracked, it is usually the financial impact to the business, which, for the most part, is irrelevant to you and I.

I want to talk about the potential personal impact to the average person, and what you can do to protect yourself in the event that your data has been compromised. This isn’t about cybersecurity, this is a post cyber-event mitigation process.

The first thing you need to know is, you’re on your own. There is no entity that can recover what has been leaked. If you are able to determine exactly what personal information has been compromised that may be the only solace you can gain — but don’t count on it. You have to move on and begin the process of tracking your personal profile for any flags that you’ve become a target.


I recommend the following steps be carried out immediately after any breach:

  • Request clarity from the entity that may have exposed your personal information. As a consumer you have the right to know if your personal information has been accessed by unauthorized persons or agencies. Submit a formal request to their privacy officer or legal department.
  • Closely scrutinize your bank statements, credit card accounts, utility statements, subscriptions, as well any other accounts your have active. Look for:
  1. Inaccurate information such as an address or service change
  2. Watch for your monthly statements and verify each entry – contact the originator if your statement doesn’t arrive
  3. Correspondence from companies or organizations you have not had prior communication with
  4. Charges for purchases that you did not make – regardless of amount
  • Cancel any subscriptions or accounts that you are no longer using or need to access. This allows you to reduce the potential for fraud as well as shows diligence in updating your profile.
  • Order a copy of your credit report through your financial institution or credit bureau and scrutinize the details. Repeat in six months.

If any of the above steps produces conflicting information, it is a strong indicator that your identity has been breached and may be being used by others. It will be up to you to report it to the police as well as your financial institution(s). It is important to maintain accurate records of your contact, including date, who you speak to and the details of the conversations. This information will be needed to restore your credit.

Be cautions of credit repair companies; there is usually very little they can do to repair any damage. Credit monitoring is often advised, and helpful, but it is limited help after the breach has occurred.

Roger Miller is the President of Northeastern Protection Service Inc. and a Certified Identity Theft Awareness Trainer who has worked with corporations and organizations on the topic of identity theft awareness education.

Print this page


Stories continue below