What you should do if you are the victim of a privacy breach

To finish Privacy Week 2024, we look at your options in case you are a victim of a privacy breach. The first thing is – don’t panic! There are steps to go through to minimize any damage and ensure that this does not happen again.

What should I do if I am the victim of a privacy breach?

Here are three common ways you may become aware of a privacy breach: you realize it when a password doesn’t work, a strange charge appears on your credit card statements, or you receive an official breach notification – like an email – from an organization.

If you notice a breach, there are a few things you should do immediately:

• Change all of your online login and password information. If someone obtains your password, they may be able to access your account, see your activities, and even pretend to be you! And if you use the same password for different accounts, change them all! Fraudsters will test the same combination of usernames and passwords for other accounts you may have.
• Carefully monitor affected accounts. You’ll want to keep a close eye on these—especially if the breach involves sensitive information like financial information.
• We recommend that you contact Kindred Credit Union immediately if you think your accounts may have been compromised.
• Contact Kindred and your credit card companies to request that they close your current credit and debit cards and issue you new ones.
• Ensure your electronic devices are not infected with malware – If you are unsure, get your electronic devices professionally cleaned.
• Call the police to report the identity theft.

Consider subscribing to services such as credit alerts to reduce the potential for fraud. Some companies that have experienced a breach will offer customers free credit monitoring for a period of time. If you receive a breach notification from a company, ask if this service is available. Other options are to:

• Contact all credit reporting agencies such as the Canadian Anti-Fraud Centre, the Canadian Revenue Agency at 1-800-959-8281, and Equifax and/or TransUnion. These agencies allow you to dispute any incorrect record and verify all the information on your credit reports. Equifax and TransUnion also provide free credit reports so you can review a copy of your credit report!
• Place fraud alerts on all of your credit reports. Fraud alerts are an added layer of protection in that lenders must take additional steps to confirm your identity before opening an account.

If you receive a breach notification from an organization, read the notice carefully to fully understand the scope of the breach and any risks to your personal privacy. Treat the notice seriously, and keep it in a safe place in case you need the information later on. The notice will provide you with details about the breach, including:

• A description of the compromised personal information
• The steps the organization has taken to reduce any risk of harm to you
• What you can do to reduce your own risk
• Contact information of someone at the organization who can provide further information

If you have questions or concerns about a breach, the first thing you should do is contact organization involved in the breach directly. You can raise privacy concerns with the privacy officer at the organization. This can include:

• Contacting all of the companies involved in the identity theft. Demonstrate to them that you are a victim of such theft, that you did not open any accounts, and that no purchases of goods or services are legitimate.
• If necessary, filing a complaint with companies, dispute questionable charges, and share any other reports you have filed, such as police reports.

Identity theft is a traumatic and difficult experience and can severely damage your creditworthiness. It can leave you with bills that you did not incur and cannot pay. Recovering from the damage caused by identity theft can take substantial time and effort If you suspect that you are a victim of identity fraud, there are ways to dispute the charges, repair the damage to your creditworthiness, and stop your private information from being made available to criminals.

Ultimately, you need to stay vigilant! Bad actors will sometimes wait for a while between stealing your personal information and then using it. Don’t assume that just because nothing happened in the first few days after a breach that your information is safe. Be on the lookout for social engineering attacks. Social engineering is the practice of manipulating people in order to obtain confidential or sensitive data. A social engineer could use influence and persuasion, sometimes along with stolen information, to get you to divulge more personal information.

The blogs we’ve shared during Privacy Week 2024 aren’t something that should just be glanced at once a year. Be vigilant, be safe. Safeguard your personal data, and be aware of how privacy breaches can happen. You are the first line of defence.