hacker behind a computer with numbers in the background

What should I do if my data has been hacked or stolen?

profile photo
By Yosi Yahoudai
Founder and Managing Partner

In 2023, the United States witnessed a significant surge in data breaches, profoundly impacting its citizens. The Identity Theft Resource Center’s Q3 2023 Data Breach Analysis report reveals that over 233 million Americans fell victim to data breaches within the year, a number that exceeds previous annual records, indicating an escalating trend in data breach incidents.

Furthermore, the healthcare sector experienced a particularly alarming increase in data breaches, with incidents doubling from the previous year. Around 87 million Americans, approximately a quarter of the population, were impacted by healthcare data breaches in 2023. This is a stark increase from the 37 million affected in 2022. The breaches spanned across numerous states, with California and New York facing the most significant number of security incidents.

These figures underscore a growing concern about the frequency and severity of data breaches in the U.S., affecting a wide array of sectors, notably healthcare, and highlighting the need for enhanced data security measures.

If you find out that your data has been hacked or stolen, taking immediate action is crucial to minimize the potential damage. Here are the steps you should follow:

1. Change Passwords: Change the passwords for all compromised accounts, and if you use the same passwords on other accounts, change those as well. Use strong, unique passwords for each account.

2. Enable Two-Factor Authentication: Wherever possible, enable two-factor authentication on your accounts. This adds an extra layer of security beyond just the password.

3. Contact Affected Companies: If specific accounts or services are hacked, contact those companies immediately. They can take steps to secure your account and monitor it for suspicious activity.

4. Monitor Financial Accounts: Keep a close eye on your bank accounts and credit card statements for any unusual activity. Report any unauthorized transactions to your bank or credit card company immediately.

5. Check Your Credit Reports: Regularly review your credit reports from the major credit bureaus to look for any signs of identity theft, such as accounts you didn’t open or credit inquiries you didn’t initiate.

6. Report Identity Theft: If you suspect identity theft, report it to the relevant authorities. In the U.S., you can report it to the Federal Trade Commission (FTC) through IdentityTheft.gov.

7. Secure Your Devices: Ensure that your devices have updated security software. Run antivirus scans to check for malware that might be giving hackers access to your information.

8. Be Alert for Phishing Scams: Be cautious of emails or messages that ask for personal information, especially if they relate to the breached account. Hackers may attempt to use your stolen data in phishing attacks.

9. Inform Credit Bureaus: If your financial data is compromised, you might want to place a fraud alert on your credit reports. This tells creditors to verify your identity before opening new accounts in your name.

10. Educate Yourself: Stay informed about the latest cybersecurity threats and best practices for protecting your personal information.

Remember, the key is to act quickly and methodically. The sooner you address the issue, the better your chances of minimizing the harm

What should you say to the companies that you have had your data leaked from?

When reaching out to companies from which your data has been leaked, your communication should be clear, direct, and should seek specific information and actions. Here are some key points to include in your communication:

1. Identify Yourself Clearly: Start by providing your full name and any relevant account details (without disclosing sensitive information like full account numbers or passwords) to help them identify your account.

2. State the Issue: Clearly explain that you have been informed (or have reason to believe) that your personal data held by their company has been compromised.

3. Ask for Specific Details: Request detailed information about the nature of the breach. This includes what type of data was compromised (e.g., names, addresses, financial information), how the breach occurred, and the time frame of the exposure.

4. Inquire About Protective Measures: Ask what steps the company is taking to secure your data and prevent future breaches. This may include security enhancements, monitoring services, or other protective measures.

5. Request for Credit Monitoring Services: If sensitive financial data was involved, ask if the company is offering credit monitoring services or other forms of identity theft protection for affected individuals.

6. Ask About Next Steps: Request guidance on what you should do next. This may include changing passwords, monitoring your accounts, or contacting credit bureaus.

7. Document Communication: Keep a record of all communications with the company for future reference. This can be helpful if there are any developments related to the data breach.

8. Express Your Concerns: If appropriate, express your concerns about how the breach affects your privacy and security. This can include the potential risks you now face and any inconveniences caused by the breach.

9. Follow-Up Actions: If necessary, state that you expect to be kept informed of any developments or further actions you need to take.

10. Contact Information: Provide your contact information for them to respond to your queries and give updates on the situation.

Your tone should be firm but courteous, recognizing that while the breach is a serious issue, the individual reading your communication may not be directly responsible for the incident. It’s also important to follow up if you don’t receive a timely response.


What are the best ways to educate yourself about data hacks?

Educating yourself about data hacks involves staying informed about the latest cybersecurity threats, understanding common hacking methods, and learning the best practices for protecting your data. Here are some effective ways to educate yourself:

1. Follow Reputable Cybersecurity News Sources: Websites like Krebs on Security, The Hacker News, and Dark Reading offer up-to-date news on cybersecurity incidents and trends.

2. Read Cybersecurity Blogs and Articles: Many cybersecurity companies and experts maintain blogs where they discuss recent threats, security updates, and prevention strategies. Examples include the blogs of security companies like Symantec, McAfee, and Kaspersky.

3. Take Online Courses: Websites like Coursera, Udemy, and edX offer courses on cybersecurity topics, ranging from beginner to advanced levels. These can provide in-depth knowledge on how to protect yourself against data hacks.

4. Participate in Webinars and Online Forums: Join webinars and forums where cybersecurity professionals discuss current issues and share their expertise. Websites like Reddit have active cybersecurity communities (e.g., r/cybersecurity).

5. Read Books on Cybersecurity: There are numerous books available that cover various aspects of cybersecurity, from beginner guides to more advanced texts. They can provide valuable insights into how hackers operate and how to protect against them.

6. Subscribe to Cybersecurity Podcasts: Podcasts like “Security Now” or “The CyberWire Daily” offer insights into the latest security threats and discussions with industry experts.

7. Follow Government and Regulatory Body Updates: Follow updates from government bodies like the Cybersecurity & Infrastructure Security Agency (CISA) in the U.S. or the European Union Agency for Cybersecurity (ENISA) in Europe for guidelines and alerts.

8. Use Security Tools and Resources: Utilize the website https://haveibeenpwned.com/ to check if your data has been part of a known breach. Many antivirus and security software providers also offer resources and tools to help educate users.

Remember, the field of cybersecurity is always evolving, so continuous learning and staying updated with the latest information is key to understanding and preventing data hacks.

At J&Y Law Firm, we recommend seeking professional legal advice when your data has been compromised. For further guidance or to discuss your specific case, contact J&Y Law Firm at (877) 426-6580, and our team of experienced attorneys will be happy to assist you.

author photo
About the Author
Yosi Yahoudai is a founder and the managing partner of J&Y. His practice is comprised primarily of cases involving automobile and motorcycle accidents, but he also represents people in premises liability lawsuits, including suits alleging dangerous conditions of public property, third-party criminal conduct, and intentional torts. He also has expertise in cases involving product defects, dog bites, elder abuse, and sexual assault. He earned his Bachelor of Arts from the University of California and is admitted to practice in all California State Courts, and the United States District Court for the Southern District of California. If you have any questions about this article, you can contact Yosi by clicking here.