What to Do After a Scurgere de Date: Your Pas cu Pas Action Plan

You get an email from a company you use: "We recently discovered a security incident that may have affected your informatii personale." Your stomach drops. Your name, email, phone number, maybe even your CNP (Cod Numeric Personal) — now in the hands of strangers.

Data breaches are no longer rare events. In 2024 alone, over 1 billion personal records were exposed globally. AT&T, Ticketmaster, Change Healthcare, Dell — the list grows every month. The question is not whether datele tale will be breached, but when.

Here is exactly what to do the moment you find out.

Step 1: Confirm the Breach Is Real

Before you panic, verify:

• Check the source — Did the notification come directly from the company's official email, or from a random address? Scammers use fake breach notifications to phish for more data.
• Visit the company's website — Look for an official announcement on their blog or security page.
• Check HaveIBeenPwned.com — Enter e-mailul tau address to see which breaches include datele tale. This free service by security researcher Troy Hunt is the most reliable breach database.

Step 2: Change Parola Tas Immediately

Start with the breached service, then move to any other account where you used the same password.

Priority order:

1. The breached account itself
2. Your primary email account (this is the master key to all your other accounts)
3. Banking and financial accounts
4. Any account using the same or similar password

Password rules:

• Use a unique password for every account — no exceptions
• Minimum 16 characters with mixed case, numbers, and symbols
• Use a manager de parole (1Password, Bitwarden, or Apple Keychain)
• Never reuse a password that was in a breach

Step 3: Enable Autentificarea in Doi Pasi (2FA)

If you do not have 2FA enabled on your important accounts, do it now. A stolen password is useless if the attacker also needs a code from telefonul tau.

2FA Method	Security Level	Best For
Hardware key (YubiKey)	Highest	Critical accounts (email, banking)
Authenticator app (Google Authenticator, Authy)	High	Most accounts
SMS codes	Medium	Better than nothing, but vulnerable to SIM swapping
Email codes	Low	Only if no other option available

Step 4: Freeze Your Credit

If CNP (Cod Numeric Personal)s, government IDs, or informatii financiare were exposed, freeze your credit immediately. A credit freeze prevents anyone from opening new accounts in your name.

In the United States:

• Equifax: equifax.com/personal/credit-report-services (or call 800-685-1111)
• Experian: experian.com/freeze (or call 888-397-3742)
• TransUnion: transunion.com/credit-freeze (or call 888-909-8872)

Freezing is free and does not affect your credit score. You can temporarily lift the freeze when you need to apply for credit.

Step 5: Monitor Your Financial Accounts

Set up alerts for every financial account you have:

• Bank accounts — Enable notifications for all transactions over $0
• Credit cards — Set up instant transaction alerts
• Credit monitoring — Use a free service like Credit Karma or the monitoring offered by the breached company
• Annual credit report — Check annualcreditreport.com for free reports from all three bureaus

Watch for these signs of fraud:

• Transactions you do not recognize
• New accounts you did not open
• Credit inquiries you did not authorize
• Mail or packages you did not order

Step 6: Secure E-mailul Tau

Your email account is the key to everything. If an attacker controls e-mailul tau, they can reset passwords on all your other accounts.

• Change e-mailul tau password to something unique and strong
• Enable 2FA with an aplicatie de autentificare (not SMS)
• Review connected apps and remove any you do not recognize
• Check e-mailul tau forwarding rules — attackers sometimes set up forwarding to silently copy your incoming mail
• Review recent login activity and sign out of unfamiliar sessions

Step 7: Watch for Phishing Attacks

After a scurgere de date, attackers use your exposed information to craft convincing e-mailuri de phishing. You might receive:

• Fake "security alert" emails asking you to "verify contul tau"
• Messages from "your bank" about activitate suspecta
• Emails offering free credit monitoring that link to phishing sites

Golden rule: Never click links in emails about security incidents. Go directly to the company's website by typing the URL yourself.

Step 8: Document Everything

Keep a record of:

• The breach notification (screenshot or save the email)
• All passwords you changed and when
• Any fraudulent transactions or accounts you discover
• Reports you filed with birourile de credit, banks, or law enforcement
• Time spent dealing with the breach (this matters for potential lawsuits)

What Was Exposed Determines Your Risk Level

Data Exposed	Risk Level	Actions Required
Email only	Low	Change password, watch for phishing
Email + password	High	Change all accounts using that password, enable 2FA
Name + address + phone	Medium	Watch for targeted phishing, social engineering
CNP / Government ID	Very High	Freeze credit, file furt de identitate report, consider furt de identitate protection
Financial data	Very High	Alert bank, monitor all accounts, freeze credit
Medical records	High	Monitor insurance statements, report to HHS

When to File an Furt de Identitate Report

File a report with the ANPC at IdentityTheft.gov if:

• Someone opened accounts in your name
• You notice unauthorized transactions
• Your tax return was filed by someone else
• You received bills for services you did not use

The ANPC report creates a recovery plan specific to your situation and generates official documents you can use with creditors and law enforcement.

Protect Your Informatii Sensibile Going Forward

A scurgere de date is a wake-up call. Going forward:

• Use unique passwords everywhere (a manager de parole makes this painless)
• Enable 2FA on every account that supports it
• Minimize the data you share with companies — do they really need your birthday?
• Use masked email addresses for non-essential signups
• Share informatii sensibile through secure, expiring channels instead of email or chat

When you need to share passwords, account numbers, or other sensitive details with someone, use LOCK.PUB to create a protejat cu parola memo that auto-expires. It is a simple way to keep informatii sensibile out of permanent chat histories and email threads.

Your Breach Response Checklist

Use this checklist immediately after learning of a breach:

• Verify the breach is real (official source, HaveIBeenPwned)
• Change the password on the breached account
• Change passwords on any accounts sharing the same credentials
• Enable 2FA on all important accounts
• Freeze credit at all three bureaus (if CNP exposed)
• Set up transaction alerts on financial accounts
• Secure your primary email account
• Monitor for phishing attempts
• Check credit reports for unauthorized accounts
• File an ANPC furt de identitate report (if needed)
• Document everything

The first 48 hours after discovering a breach are the most critical. Act fast, stay methodical, and protejeaza-te with the tools available — starting with LOCK.PUB for any informatii sensibile you need to share securely.

Create a Secure Memo →