Data breach: the steps to take without delay
Has your data leaked? Check your exposure, change reused passwords, watch your accounts, and outsmart the targeted phishing that follows.
Updated on June 15, 2026 · 2 min read
The news arrives by email or in the press: a service you use has suffered a data breach. Email addresses, passwords, phone numbers, or purchase histories end up in the wild. The announcement is unsettling, but a breach is far from inevitable harm. It is the days that follow, and how you react, that make the difference.
Assess your exposure
Start by measuring what is actually affected. Read the service's announcement carefully: it usually states the kind of data involved. An exposed password does not carry the same weight as a plain email address.
Then check whether your address appears in known breaches using an exposure-checking service. That tells you which accounts to handle first. Note every service where you used the compromised information: that is your to-do list for the next few minutes.
Change reused passwords
The single most important reflex concerns reused passwords. If the leaked password was also used on other accounts, those accounts are now vulnerable, because fraudsters automatically test stolen credentials across many services.
Change them, starting with the sensitive accounts: your main email, your bank, anything tied to payments. Each time, choose a password that is unique and strong, and check its robustness with our password checker. Also turn on two-factor authentication everywhere you can.
Watch your accounts and finances
A breach can fuel fraud attempts in the following weeks. Keep your eyes open.
- Watch your bank statements and report any unfamiliar transaction to your bank without delay.
- Pay attention to password reset emails you did not request, a sign that someone is trying to get into an account.
- Be wary of an unexpected credit refusal or a letter in your name, possible clues of identity theft.
Guard against targeted phishing
This is the most insidious effect of a breach: targeted phishing. Armed with your real data, scammers send highly believable messages, citing your name, your provider, a recent purchase, or the breached service itself, sometimes by posing as it.
Treat any message that seems to know you too well with heightened suspicion. Do not click in haste, never share a code, and always verify through an official channel. To lastingly reduce how much information about you is out there to exploit, a service like Incogni asks data brokers to delete your personal information.
If a breach leads to fraud, report it to a national fraud service such as Action Fraud and follow the steps they recommend. To understand how this data feeds identity theft, head back to the identity theft guide.
Partner links: we may earn a commission, at no extra cost to you.
FAQ
- My data leaked. Should I really worry?
- A breach is not an immediate disaster, but it raises the risk of account takeover and targeted scams. The right reflexes, especially changing any reused passwords, neutralise most of the danger.
- Why am I getting highly personalised scam messages after a breach?
- Because fraudsters use the exposed information (name, email, purchases, provider) to make their messages believable. This is targeted phishing. Be extra careful with any message that seems to know you.
Related reading
Hacked account: what to do to take back control fast
Has your account been hacked? Here are the steps to recover it: a clean device, a new password, two-factor authentication, and warning your contacts.
Identity theft: how data gets stolen and how to lock it down
Data leaks, account takeover, fake government services. Practical steps to protect your identity with unique passwords, 2FA, monitoring and data removal.