What To Do If Your Data Is Stolen
A comprehensive incident response guide for individuals and businesses
🚨 Act Immediately If You Suspect Data Theft
Time is critical in a data breach. The faster you respond, the more you can limit damage and protect yourself or your business.
Discovering that your personal or business data has been stolen can be overwhelming. This guide will walk you through the immediate actions to take, recovery steps, and long-term prevention strategies to protect yourself and your organization.
Immediate Actions (First 24 Hours)
Step 1: Contain the Breach
- Disconnect affected systems from the internet immediately
- Preserve evidence - Don't delete anything yet
- Document everything - Time, what happened, what data was accessed
- Notify your IT team or security provider (like Phenicie Business Management)
- Identify the scope - What data was stolen? How many records?
Step 2: Change All Passwords
- Start with critical accounts: Email, banking, business systems
- Use strong, unique passwords - Never reuse passwords
- Enable multi-factor authentication (MFA) on all accounts
- Use a password manager to generate and store complex passwords
- Change passwords from a secure device - Not the compromised one
Step 3: Alert Your Financial Institutions
- Contact your bank immediately if financial data was exposed
- Freeze or monitor your credit with all three bureaus (Equifax, Experian, TransUnion)
- Watch for unauthorized transactions
- Consider placing fraud alerts on your accounts
- Request new cards if credit/debit card numbers were stolen
Recovery Steps (First Week)
For Individuals
- File a police report - You may need this for identity theft claims
- Report to the FTC at IdentityTheft.gov
- Check your credit reports for suspicious activity
- Set up identity theft monitoring services
- Notify affected parties - Employers, insurance companies, etc.
- Update security questions on important accounts
For Businesses
- Notify affected customers/clients as required by law
- Comply with breach notification laws - Different by state and industry
- Work with cybersecurity professionals to investigate the breach
- Review and update security policies
- Consider cyber insurance claims if you have coverage
- Prepare public communications - Be transparent but careful
- Document all actions for legal and compliance purposes
Legal & Compliance Requirements
Reporting Obligations
Healthcare (HIPAA)
- Notify HHS within 60 days for breaches affecting 500+ individuals
- Notify affected individuals without unreasonable delay
- Notify media if breach affects 500+ individuals in a state
Financial (GLBA, PCI DSS)
- Notify payment card brands immediately
- Comply with state breach notification laws
- Work with forensic investigators
Montana Data Breach Law
- Notify Montana residents without unreasonable delay
- Notify Attorney General if 1,000+ Montana residents affected
- Notification must include nature of breach, types of info, and contact info
Long-term Prevention Strategies
Essential Security Measures
For Individuals
- Use password managers
- Enable MFA everywhere
- Regular software updates
- Anti-virus/anti-malware software
- Be cautious with emails/links
- Monitor credit regularly
- Encrypt sensitive files
For Businesses
- Employee security training
- Network segmentation
- Regular security audits
- Incident response plan
- Data encryption at rest/transit
- Regular backups (tested)
- Access controls & monitoring
- Vendor security assessments
Helpful Resources
Identity Theft & Fraud
- IdentityTheft.gov - FTC's identity theft reporting and recovery resource
- AnnualCreditReport.com - Free credit reports from all three bureaus
Credit Freeze
- Equifax: 1-800-349-9960 or equifax.com
- Experian: 1-888-397-3742 or experian.com
- TransUnion: 1-888-909-8872 or transunion.com
Montana Resources
- Montana Attorney General: 1-800-481-6896
- Montana Office of Consumer Protection
Need Professional Incident Response?
Phenicie Business Management provides 24/7 cybersecurity incident response for businesses in Montana. Our team can help you contain the breach, investigate the incident, recover your systems, and implement stronger security measures.
Download This Guide
Keep a copy of this incident response guide for quick reference during emergencies
Download PDF GuideRelated Resources
Resource Center
Access security tools, guides, and support resources
MSSP Services
Managed security services to prevent data breaches
Free Security Scan
Check your security posture with a free assessment