Data breaches keep happening. It’s a scary reality. Every incident is a terrifying reminder of just how easy it is for our personal information to get into the hands of criminals.

The number of data breaches through September 30, 2021 has exceeded the total number of events in full-year 2020 by 17 percent (1,291 breaches in 2021 compared to 1,108 breaches in 2020). So far in 2021, nearly 281.5 million people have been affected by some sort of data breach.

If you’re notified that your information was compromised in a data breach, what should you do? Start with these tips.

Check Your Credit

When you’re looking to see if your information has breached, don’t forget to check the credit of your older loved ones as well anyone who has died. The statistics on identity theft of people who have passed on is astounding.

Change Your Password

Regardless of whether login credentials were included in a breach, it’s usually best to change your password. Companies often provide details about how passwords were encrypted, salted, or hashed, but these concepts are complicated, and it can be confusing trying to suss out how significant the threat is. Typically it’s best to assume the worst and change your password after a breach.

If you reuse a password, data breaches can give hackers access to every site you use that password on. For example, if your password is “1234passwordpro” on both Amazon and Target.com, and Target.com gets hacked, someone may try a technique called “credential stuffing” to find other sites you’ve used that password on. Eventually, they’ll try it on Amazon, and then you’ll have two compromised accounts.

Sign Up for Free Credit Monitoring

If the company experiencing the data breach offers you free credit monitoring, take advantage of it.

Watch Your Credit Card Accounts for Suspicious Activity

Don’t wait for your monthly statement to arrive; fraudulent charges may pile up before you notice. Check your accounts online frequently or set an alert to notify you whenever a charge above a set amount is made. You can challenge fraudulent credit charges, but your best protection from liability depends on alerting your issuer in a timely fashion.

Monitor Your Credit Scores and Reports

Watch for signs that someone has opened new accounts using your data. Check your credit scores regularly for unexplained changes. Scan credit reports for accounts you don’t recognize. This is something you can do yourself. Many personal finance websites and some credit card issuers offer free credit scores and credit report information you can access anytime. When choosing a free provider, look for one that sends alerts when new accounts are opened or when your credit score changes.

Decide How to Secure Your Credit Data

Consider a credit freeze. This strategy gives you the best firewall against your data being misused because it restricts access to your records. There’s a pricetag attached; it can cost up to $10 per bureau, and you must pay to lift the freeze later if you want to apply for new credit.

Fraud alerts are another option. They flag lenders and card issuers that credit applications should receive extra scrutiny. In most cases, a lender will contact you to verify a credit application. The service is free, but most alerts last only 90 days unless you renew them.

All three credit bureaus have a “credit lock” service, and they may offer these as an alternative when you try to freeze your credit. It’s easier to lift a lock when you want to apply for credit, but locks don’t block access as thoroughly as a freeze.

It’s important to note that all three bureaus’ terms of service require you to waive your right to participate in a class-action lawsuit and use arbitration instead. Cost varies, from free to more than $20 a month, but you may be able to lock all three bureaus with one service.

It’s never fun discovering that your data has been compromised, but taking these steps can help minimize the damage.