top of page

What to Do When Your Personal Data Is Compromised: A 10-Step Approach

Updated: Oct 18

In today's digital age, data breaches have become an unfortunate reality. Alarming news reports about organizations falling victim to cyberattacks, thereby exposing sensitive personal information. And if your personal data are in those reported organizations that have suffered a breach, it is crucial to take immediate steps to protect your personal data and minimize the risk of identity theft or fraud. Below are the steps you can take once you learn that your personal data has or may have been compromised.

Step 1: Stay Calm and Informed

Upon learning about a data breach, your initial reaction might be one of concern or panic. However, it's important to stay calm. Start to gather as much information as possible about the breach. Check other news reports and any official statements from the affected organization. And any notifications you may receive from the organization about your personal data being among those breached.

Step 2: Verify the Breach

Verify and find confirmation that your data was indeed affected by the breach. Under the country’s data privacy law, organizations must inform individuals whose personal data have been breached within 72 hours of the suspected breach. The notification, if you receive it, will provide the extent of the breach and which among your personal data has been breached.

Step 3: Change Your Passwords

If your login credentials for the breached organization were exposed, change your password immediately. Ensure that your new password is strong and unique.

Step 4: Monitor Your Financial Accounts

Keep a close watch on the phone messages or notices you normally receive from your bank or credit card companies for any unauthorized or suspicious transactions. If you spot any, report them to your financial institution immediately.

Step 5: Freeze Your Credit Cards

If your credit card was compromised, freeze and restrict access to your credit card. The bank or credit card company can issue a new credit card or loan facility if you report a suspected breach.

Step 6: Beware of Phishing Attempts

After a breach, cybercriminals may attempt to exploit the situation with phishing emails or messages. Be cautious about unsolicited messages, especially those asking for personal or financial information. Do not click on suspicious links or download attachments.

Step 7: Monitor Your Personal Information

Continuously monitor your personal information for signs of identity theft. This includes keeping an eye on your email for unusual activity, monitoring your social media accounts, and being vigilant about your online presence.

Step 8: File a Report

If you suspect that your personal data has indeed been breached and/or is being used fraudulently, report it to National Bureau of Investigation (NBI) and file a complaint with the National Privacy Commission (NPC).

Step 9: Maintain Vigilance

Data breaches can have long-lasting consequences. Stay informed about the situation, and take appropriate actions as needed. Regularly review your financial and online accounts to ensure they remain secure.

Step 10: Protect Your Personal Data Going Forward

Use the breach as an opportunity to enhance your personal data security. This includes being cautious about sharing sensitive information online and practicing good cybersecurity hygiene.


In today’s digital landscape where data breaches are unfortunately common, taking swift and informed action is crucial to safeguard your personal information. By following the above steps, you can better protect yourself and minimize the impact of a data breach on your personal data and financial security. Remember, being proactive is key to preventing identity theft and fraud.

Written by:

Jun Malacaman

PVP's Data Privacy Expert

13 views0 comments
bottom of page