Another day, another data leak.
Security breaches, whether accidental or vicious, have become a common occurrence, exposing sensitive consumer information and potentially wreaking havoc on people’s finances and personal data.
On Friday, Facebook (FB) revealed a programming bug that exposed six million users’ private contact information—which includes e-mail addresses and phone numbers—to users who downloaded their account histories onto their own computers or cellphones.
The social media giant said Friday the users’ information was mostly likely shared with “people with whom they have the same connection.” While victims might at least known the person, that doesn’t mean they want their personal contact information shared.
Data breeches like this have become so common, that Adam Levin, founder of IDT911 and Credit.com, says consumers treat the notifications about potential risks or breaches as white noise.
“One out of four people who now get a breach notification are victims of some sort of identity theft,” Levin says.
While he admits that an email address being exposed is not as dangerous as a compromised Social Security number, Levin says any data breach is serious.
“People tend to denigrate the lowly email address, but it is now personal identification information. You have numbers in your email addresses that are related to birthdays or other clues as to who you are.”
If your personal information was shared in a Facebook bug-type situation, Levin suggests taking the following steps immediately:
No. 1: Know that a warning is not a ‘test.’ Take the warning seriously, he says.
“If you get a letter from Facebook, this is the real deal. These notification letters are proving there are indications of a problem”
No. 2: Change your email password ASAP. Do this first, he says, before changing any other account passwords, because oftentimes changes and confirmation notices are sent to your email address.
No. 3: If you are offered fraud monitoring, take it! In the wake of a breach or bug, the company at fault may offer victims some kind of fraud monitoring to protect against identity or financial theft, Levin says.
“It’s on someone else’s dime, and the reality is that it is inevitable. You will be a victim at some point,” Levin says. “Monitor this and have a damage control program.”
If the company doesn’t offer assistance, consider contacting your insurer, bank or credit card company to see if they have similar monitoring services. Even if you have to pay for it, it’s worth it, he says.
No. 4: Consider creating a new email account. Levin says this type of breach may bring to light the need to have one email for personal information or social media, and another for financial accounts.
No. 5: Check your credit and keep monitoring. Consider putting a fraud alert on your bank accounts via the credit reporting agencies, or potentially even a credit freeze. And from here on out, monitor every email you get, he says.
“Look at things, as you are in the prime zone to be spear fished,” he says. “Ask yourself, ‘who sent this to me, what are they asking me to do, and is it logical?’”