Between 2021-2022, nearly 1 million U.S. children fell victim to identity fraud, often through a school or healthcare data breach. That’s 1 in 43 children compromised.
Data breaches are scary enough as adults, but when you have a family, protecting your identities matters more than ever. In an age where data breaches seem to happen every month, that task feels impossible.
It’s not – you just need to know where to start.
The National Public Data Breach
2024 alone has seen over 1 billion personal records compromised through data breaches. That seems like a lot – but last December, as many as 2.9 billion records may have been exposed.
How?
Last year, background check company National Public Data reported around 1.3 million records exposed in a breach. Starting in April, some of that information appeared for sale on the dark web.
NPD maintains that the breach is smaller than the hacking group USDoD claims to have stolen. And, since NPD collects some data through web scraping, much of the leaked data appears old or inaccurate anyway.
Still, that’s a lot of potential names, email addresses, mailing addresses, phone numbers, and Social Security Numbers floating around!
What do I do??
You can see if you’re among the breached by entering your personal data into the Atlas Privacy or Pentestertools. (Though personally, I wouldn’t enter my SSN to see if my SSN’s been stolen!)
After that, you can use news of this breach as a reminder to lock down your family’s finances and identities.
What to do after a data breach
The first step is to monitor your families’ identities for signs of a data breach.
For adults, these may include:
- Unauthorized card charges
- New accounts opened in your name
- A stolen tax refund
- Unauthorized claims against your Social Security
Unusually, NPD’s alleged web scraping practices means that millions of children may also have been exposed. Unsolicited financial offers, unauthorized bills, and notices from the IRS or tax collectors could indicate compromised information.
Report the breach
If your family’s information was used illicitly, contact the FTC’s IdentityTheft.gov website to report the breach and get recovery steps.
Freeze your credit
Next, take a few minutes to freeze your credit at the three major credit bureaus: Experian, Equifax, and TransUnion. A credit freeze prevents anyone from accessing your credit or opening new accounts until you “thaw” it again.
However, most children don’t have a credit file, and that’s normal!
You can check for unauthorized files in your child’s name by putting their info into AnnualCreditReport.com. If they have a file, dispute or freeze it. If they don’t, experts usually don’t recommend opening a file just to lock it down.
Change passwords on active accounts
You should routinely update your passwords to stay ahead of bad actors. If, like most people, you have too many to remember, a password manager or paper notebook can help track them all. And, as annoying and difficult as it is, ignore the temptation to repeat passwords or usernames.
Get rid of old accounts
Unused social media, streaming, and subscription accounts make easy pickings for hackers. Instead of just never logging on again, actively delete all your old accounts. This doesn’t offer perfect protection, but it’s better than dangling information in the open!
What to do before a data breach
The second-best time to prepare for a breach is after it happens.
The first-best time is before.
Regularly monitor your credit
An oldie but a goody: at least once a year (if not weekly), pull all your credit reports. Check them for errors, unauthorized changes, misspelled names, the works.
Set up account alerts
Establishing alerts on all your accounts keeps you up-to-date on any changes. Credit reports, bank and credit cards, Netflix, Amazon, your local grocery store…If your personal information is involved, you should get alerts when anything changes. Period.
Set up 2FA/MFA
2-factor or multi-factor authentication requires you to verify your identity multiple ways to log in. (Think a website texting you a passcode at login.) 2FA and MFA locks your accounts, and therefore your data, down tighter.
Update your kids on internet and data hygiene
Not to scare you, but there’s a lot of stuff to protect kids from online. Unfortunately, one of the scariest things is…themselves.
Kids love having their own social media and online accounts. However you feel about your kids using the internet (and/or monitoring their activity), it’s important they know to never share personal data. Names, addresses, birthdays, SSNs, and other private or financial information stay offline.
Use “dummy data” when possible
Sometimes, like when you’re getting a loan or at the doctor, you have to use your real name. But when you sign your kid up for Webkinz or start an IG, “dummy data” (like a fake name and dedicated “junk” email address) offers extra protection for your family.
Scrub your data and watch your back
Because so many data brokers scrape your every online move for marketing purposes, it’s nearly impossible to scrub yourself from the internet. Some services, like Discover credit cards, offer free digital scrubbing for you. Or, you can pay a data broker removal service to remove your information.
If you’re still worried, you can pay identity theft and dark web monitoring services to let you know when your information appears where it shouldn’t.
Keep that software updated
iPhone or Android, name-brand or store-brand – you should always stay updated with the latest, most secure software. Like washing between your toes, there’s no excuse to slack on good hygiene!
Never assume you’re one-and-done with data security
Parents are busy people, and it’s a lot to ask that we also monitor our family’s online presence. Unfortunately, it’s part of the modern game – and not playing by the rules can get very, very costly.
Aside from monitoring your family’s online behavior in line with your rules, you can:
- Stay on top of account and password creation
- Set up all accounts to alert you for changes
- Keep all accounts in “private” mode
- Keep their pictures offline as long as possible
A pain? Yes.
Better safe than sorry? Also yes – even if it means sacrificing a little sleep or having a “tough talk” now and then.