Smart SpendingSmart Spending

What to do after a data breach

The recent attack on LivingSocial that exposed 50 million users' information to hackers is the latest example of why consumers should know what to watch out for after a data breach.

By Mitch Lipka Apr 30, 2013 7:09PM

User name field on computer screen © William Andrew, PhotographerAll of us are threatened when there’s a big-time data hack. Not every hack is the same – sometimes your personal information is in peril, other times your passwords, and, in the worst case, your credit cards can be exposed.


Most often, as we learned last week from the attack on the LivingSocial deal site, names and email addresses are taken. For some of the 50 million victims of the LivingSocial break-in, dates of birth were also accessed and, according to the company, encrypted passwords.


"The database that stores customer credit card information was not affected or accessed," LivingSocial CEO Tim O'Shaughnessy wrote in an email to users.


So, what do you do when you've been told your data has been hacked? You could choose to do nothing at all and leave it to chance. Not the best strategy, but certainly the easiest – as long as nothing goes wrong.


But a better strategy is this: It isn't too complicated to take certain steps to ensure that you don't fall prey to scams and other crimes related to the data breach.

LivingSocial brought one tactic to the front – creating a new password – by actually forcing all its users to come up with a new one. One of the problems it doesn't solve – this isn't a problem for everyone – is that many people use the same password for every account they can. That means if someone has your email address and can decipher your password, they can create some serious problems for you since they can pretend to be you.

It's a great idea to change your passwords for multiple sites to different ones, especially after you've learned there's a chance your go-to password has been obtained by a band of computer rogues.


One of the most common results of a big data hack is phishing attacks. A phishing attack by a hacker who knows your name, where you live and who you do business with can be persuasive. The scammers use what they know about you against you by making you believe you've received a legitimate email from a familiar brand. The idea is to provoke a response from you that would end up providing them enough information to take such actions as stealing your identity and begin to open credit lines in your name.


Here are some tips from the Better Business Bureau about what to do after a hack to protect against such crimes:
  • Be extra suspicious of any emails coming from the business that was hacked -- especially ones containing links or attachments. Scammers often use the personal information they've obtained along with the hacked businesses' name to trick customers into sharing credit card or banking info.
  • However, affected businesses do often communicate with customers after the hack. Be sure these emails are real by hovering over the links in the message. When you do this, the link destination should appear in a pop up box or in the lower left hand corner of your browser.
  • Keep a close eye on your credit card and bank accounts. If hackers have access to your personal data, identity theft is a risk. Call your bank or credit card company immediately if you see any unexpected activity.

More from MSN Money:



Copyright © 2014 Microsoft. All rights reserved.

Fundamental company data and historical chart data provided by Morningstar Inc. Real-time index quotes and delayed quotes supplied by Morningstar Inc. Quotes delayed by up to 15 minutes, except where indicated otherwise. Fund summary, fund performance and dividend data provided by Morningstar Inc. Analyst recommendations provided by Zacks Investment Research. StockScouter data provided by Verus Analytics. IPO data provided by Hoover's Inc. Index membership data provided by Morningstar Inc.


Smart Spending brings you the best money-saving tips from MSN Money and the rest of the Web. Join the conversation on Facebook and follow us on Twitter.