And now – what do I do now?
Oh, I don’t know
Oh, I’m leaving
And now, who’s gonna save me next time?
From Now What by Lisa Marie Presley
So there you are just minding your own business and chilling on PlayStation Network when…
Yikes! PSN has been breached! And now you and 100 million of your closest friends have been exposed. Now what?
This post on Credit.com News and Advice has some advice that you might want to check out.
Data breaches are an everyday occurrence affecting millions of Americans each year.
They’re all vulnerable to identity theft and other fraud because their personally identifiable information (PII), such as a birth date or Social Security number, for example, was exposed. That information could be used to commit financial fraud.
Here is a condensation of their 6 tips with my comments (you didn’t think you’d get off that easy did you).
- Review the breached account. Find out exactly what the pwned data losers (and I mean that quite literally) had of yours that might have been exposed. Forget what they ADMIT to losing and assume they lost it all. That includes not only credit card info but your credentials (login and password) to the site.
- Change all user access credentials. Change your password on the immediately affected site (DUH!) and then change your password on every other site that uses the compromised password. Now would be a dandy time to quit being an idiot and either get a password safe or use another method to choose strong unique passwords for every site and service you use. If you use the same password for PSN, your bank, YouTube, Facebook and Twitter… Uh Sorry. Sucks to be you.
- Notify existing creditors of the breach. MasterCard and Visa are pretty good about dropping fraudulent charges – if you tell them. The sooner the better. They will likely want to close that card and open a new one. If for some reason you used your debit card online… Again, Sucks to be you.
- Place a fraud alert on your credit file.Often the miscreant data losers will pony up for some kind of fraud protection in the wake of a breach. If they don’t you can – and should – set something up on your own. Often your creditors will offer at least limited time versions of these services at no charge. If they don’t then consider doing business with someone else. Seriously.
- Initial Fraud Alerts last for 90 days and require potential creditors to confirm the legitimacy of your identity before granting credit.
- Extended Fraud Alerts last for seven years. Victims of identity theft who provide credit bureaus with an identity theft report like this one are eligible.
- Review your credit reports for any unusual activity. Credit.com suggests you use annualcreditreport.com to get free annual credit reports. That’s not a bad idea, but be wary about some of the extended credit monitoring services offered by the credit agencies. I’ve had a less than satisfactory experience with Experian but have had decent luck with Equifax. In any case, no service can substitute for good old due diligence on your part. Pay very close attention to not only your credit card statements, but social security or other government entitlement accounts. In general, make sure you understand every nuance of any statement from any entity that pays or bills you.
- Consider placing a security freeze on your credit report. This is the nuclear option. Be sure you really understand this before you push that button. Go to ConsumersUnion.org and check out the Consumers Union’s Guide to Security Freeze Protection before considering this step.
So hopefully now you have at least some idea of what to do next. Since there doesn’t seem to be much hope in preventing these epic data breaches. At least as long as the data losers aren’t really penalized for their negligence. And before you start feeling sorry for poor Sony just pay attention to the cost of their services over the next few years after they’ve sucked you back in to PSN to see who really pays. But hey, you can always unplug the PS3 and play monopoly. Or basketball. With no risk of a data breach.