So You've Been Pwned? A Data Breach Survival Guide

You put your email into HaveIBeenPwned.com and the screen turns red. You've been breached. Panic sets in.

Don't panic. Act.

Step 1: Identify the Leaked Data

Was it just an email? Or was it a password? Credit card? SSN? The severity depends on what was lost.

Step 2: Critical Password Reset

If a password was involved:

1. Change it immediately on the affected site.
2. Credential Stuffing Check: Did you re-use that password anywhere else? (Be honest). You must change it on every site where you used it. Hackers use bots to try that email/password combo on Netflix, Amazon, PayPal, etc.

Step 3: Enable 2FA

If the service supports it, turn on 2FA now. Even if they have your new password next week, 2FA stops them.

Step 4: Monitor Finances

If payment info was leaked, notify your bank. Freeze your credit using the three major bureaus (Equifax, Experian, TransUnion). It’s free and stops anyone from opening new loans in your name.

The Long Game

Expect phishing emails. Hackers know you are a customer of that breached service. They will send fake "Password Reset" emails pretending to be that service. Always check the URL.