One Tech Tip: What to do if your personal info has been exposed in a data breach

abcnews.go.com:

Data breaches are becoming an almost regular occurrence

LONDON — Data breaches like the recent one involving millions of AT&T customers are becoming an almost regular occurrence.

As more of our lives move online, our personal data like email addresses, phone numbers, birthdates and even passcodes are becoming ever more vulnerable to theft or being mistakenly exposed.

In malicious breaches, cybercriminals can use stolen data to target people with phishing messages, or by taking out loans or credit cards in their name, a common and harmful type of identity theft.

Here are some tips to protect yourself.

In the United States, there's no federal law compelling companies or organizations to notify individuals of data breaches, but it's standard practice for them to inform affected customers and often provide identity protection services, said Oren Arar, vice president of consumer privacy at cybersecurity company Malwarebytes.

The situation is better in the European Union, where the 27-nation bloc's privacy regulations require disclosure of certain types of breaches.

Even after a breach has been made public, cybersecurity experts say people need to remain vigilant. Be on guard for phishing and other social engineering attempts, in the form of emails or phone calls purporting to be from the hacked organization or someone offering help. Contact the company or organization involved to see if they can confirm it. But use their official website, smartphone app or social media channels — don't use links or contact details in any messages you've been sent.

Also consult the Federal Trade Commission’s website for identity theft victims, identitytheft.gov, which provides step-by-step advice on how to recover from various