William & Mary

How to Deal with a Security Breach

Used with Creative Commons RightsSecurity breaches committed against you or an organization with access to your personal information are serious crimes and are understandably stressful to the victims. Forty-seven states, the District of Columbia, Guam, Puerto Rico and the Virgin Islands have enacted legislation that requires private organizations or government entities, which have access to personally identitfiable information, to notify affected individuals in the event of a security breach. So if you read about a data breach in a news report and are unsure if you are affected, you will likely be notified in the event of an emergency. 

Security breaches can result in identity theft, fraud, unauthorized accessing of your medical and financial history, or damage to your credit. However, a security breach does not ensure that you will be a victim and, luckily, there are many ways to resolve any threats to your personal information.

The first step is to identitfy the type of attack that occurred and which aspects of your personal information were potentially affected. If, for instance, the theft was to a company's point-of-sale system (such as the 2014 Target Hack), your payment information would be at risk. If a security breach obtained access to personal identification information, such as accessing your SSN or driver's license number, you could be the potential victim of identity theft. 

Below you will find links to some very thorough guides for responding to a security breach or threat to your personal information. If you are looking to learn more about cyber security or would like additional help in establishing some extra layers of protection, please read through the resources on our security page.

Federal Trade Commission's consumer information guide to protecting your identity and personal data.

Federal Trade Commission's consumer information guide for navigating Identity Theft.

PrivacyRights.org's guide for determining the type of cyber attack and steps for addressing the threat.

Symantec's guide to best practices for cyber security.

Symantec's 2016 Annual Report on cyber threats.

National Conference of State Legislatures' index of state laws regarding cyber security breaches.