What To Do If You Experience a Cybersecurity Breach

A Practical Guide for Individuals and Business Owners

In today’s digitally connected world, cybersecurity breaches are no longer rare events — they are part of the landscape. Whether you are protecting your household or your business, knowing what to do immediately can significantly reduce the damage.

Cybersecurity is no longer optional. It is part of responsible financial stewardship.

For Individuals

If you suspect your personal information has been compromised, your first priority is containment and control.

Start with your email account. Your email is often the “master key” to your financial life. Change the password immediately, enable two-factor authentication using an authenticator app rather than text-message codes, review recovery settings, and remove any unfamiliar forwarding rules. Securing your email first helps prevent attackers from resetting other account credentials.

Next, change passwords on financial accounts — including your custodian, bank, credit cards, and any online portals. Use long, unique passwords (12–16 characters or more), and avoid reusing passwords across platforms. A password manager can help you generate and store complex credentials securely. I use 1Password and have a family plan so we can access each other's passwords in the event of incapacitation.

Enable two-factor authentication everywhere it is available, particularly on financial accounts and cloud storage. This additional layer of protection dramatically reduces the risk of unauthorized access.

Closely monitor your accounts in the weeks and months following a breach. Review transactions at least weekly and set up alerts for withdrawals, ACH transfers, address changes, and new account activity. Prompt detection significantly limits potential loss.

To protect against identity theft, place a credit freeze with Equifax, Experian, and TransUnion. A credit freeze prevents new accounts from being opened in your name and can be temporarily lifted if you need to apply for credit. Placing a credit freeze is free and easy to do.

You should also consider obtaining an IRS Identity Protection PIN (IP PIN). This six-digit number prevents someone from filing a fraudulent tax return using your Social Security number. The IRS will reject any electronically filed return that does not include your unique IP PIN, making it one of the most effective safeguards against tax refund fraud. The IRS will issue you a new IP PIN each year to use with your tax filing. You can register for an IP PIN at https://www.irs.gov/identity-theft-fraud-scams/get-an-identity-protection-pin.

Review your credit reports regularly and watch carefully for unfamiliar accounts, incorrect addresses, or unauthorized inquiries.

Finally, be especially alert for phishing attempts. After a breach, fraudulent emails often increase. Avoid clicking links in urgent or suspicious messages. Instead, contact institutions directly using phone numbers listed on their official websites. Keep your devices updated with security patches, install reputable antivirus software, avoid public Wi-Fi for financial transactions (or use a VPN), and shred sensitive documents before discarding them.

These steps are practical, straightforward, and highly effective when implemented consistently.

For Business Owners

If your business experiences a breach, the stakes are higher because you are responsible not only for your own data but also for client, employee, and vendor information.

Begin by assessing and containing the breach. Identify affected systems, disconnect compromised devices from the network, and preserve system logs for investigation. Speed matters.

Immediately notify your IT provider or cybersecurity firm and consult legal counsel to determine reporting obligations. Depending on the nature of the breach, you may need to notify clients, vendors, or regulatory authorities. Transparency and timeliness are critical in maintaining trust.

Change administrative credentials across systems and implement two-factor authentication for all critical platforms. Review wire and ACH procedures and consider dual-authorization requirements for money movement. Financial fraud often follows data breaches, so internal controls should be strengthened promptly.

Engaging a cybersecurity professional to conduct forensic analysis is often essential. They can determine the root cause, remove malware, identify vulnerabilities, and recommend stronger safeguards.

Longer term, review internal policies. Limit access to sensitive data on a need-to-know basis, implement clear incident response procedures, maintain secure and encrypted backups, and test your restoration processes regularly. Employee training is equally important. Regular phishing awareness training and clear reporting protocols help build a culture of vigilance.

Encryption of sensitive data — both at rest and in transit — should be standard practice, along with consistent software updates and endpoint protection.

A cybersecurity breach can feel overwhelming, but decisive, structured action restores control. Whether you are protecting your household or your business, the goal is the same: contain the issue, secure vulnerable access points, protect against identity and tax fraud, and strengthen systems for the future. Cybersecurity is not just a technology issue. It is a financial planning issue — and part of protecting everything you’ve worked to build.