It's likely that online services you use will, at some point, experience a data breach. When this happens, you might receive an email from the service provider directly or from our IT Risk Management office to let you know (UD is notified when UD email accounts appears in online "data dumps").
If you receive word that your credentials have been exposed in a data breach, here's what to do:
- If you use the exposed password anywhere else, change it immediately
- Turn on two-factor / multi-factor authentication for any online service that offers it to provide an additional layer of protection to your account
- Visit haveibeenpwned.com and check for any breaches for your other email addresses or passwords (if so, change those, too!)
- Use unique passwords for accounts that store sensitive information (password manager applications are helpful in managing these)
- Beware of extortion and other social engineering scams that try to use this "dumped" information to trick you
- Check your billing and bank statements monthly to promptly identify suspicious charges
- Visit annualcreditreport.com quarterly and review your credit report for free