Security breaches suck. Unfortunately, they’re pretty common. According to the Washington Post, the latest high-profile ransomware attack occurred six weeks ago, hitting Dish and its subsidiaries Sling TV and Boost Mobile, and customers are still unable to access customer support. While the company has not confirmed whether any sensitive user information was stolen, we do know that at least some data was stolen. When there is a lack of clarity in these situations, it’s best to assume your data has been compromised and take steps to protect yourself.
Keep an eye out for suspicious activity
We’re inundated with spam emails every day, but keep a close eye on them after a data breach. If you notice a text message or email notifying you that an account is being created or a credit card is being opened that you know is not legitimate, it could be a red flag that someone is misusing your stolen information.
At the same time, false account creation information is a phishing tactic – so if someone raises your suspicions, proceed with caution. Never click on any links or download any attachments in strange emails or texts. Always visit the website of a trusted organization, enter the address in the URL bar yourself, and call them directly to address any questions about the fraudulent account. It’s a strange tightrope walk, but it will help protect you in the long run.
Keep an eye on your credit report.
One of the biggest risks in this situation is identity theft, and keeping a close eye on your credit history is a great way to spot suspicious behavior before it gets much further along. By monitoring your credit report, you can immediately see if someone has opened a credit card in your name.
You also don’t have to pay to check your credit report. In the past, you could check your credit report once a year for free. But from now until the end of 2023, you can do weekly checks for free. This applies to the three major credit reporting agencies – equifax, TransUnion and Experian – and you can request your credit score through AnnualCreditReport.com.
Freezing your credit
If you feel your data is at risk, or if you just want to err on the side of caution, consider freezing your credit. This is actually quite easy to do and will not harm your credit score or jeopardize your good standing with creditors.
A temporary credit freeze will prevent most activities that require someone to pull your credit, such as opening a new credit card or applying for a bank loan. You can temporarily lift a credit freeze to do these things yourself, so you don’t need to feel cut off from your financial goals by enforcing the freeze. It also doesn’t affect any accounts you currently use, which means you’re free to use your existing credit cards.
Change your password (and start using) a password manager)
When you find out that a company like Dish has been hacked, you may want to change your password. However, it’s also good practice to change passwords for other accounts, especially if you’ve previously reused a combination of passwords and email addresses. Ideally, you shouldn’t do this, but I’m a realist – I know that most of us reuse passwords. If your account has the same passwords as the hacked company, change those passwords too, because one way hackers can break into your account is by using passwords that were compromised from elsewhere. If they now have your Dish password, they will try it on your other valuable accounts. To avoid this becoming a problem in the future, start using a password manager to keep track of all your account logins. (Here are the 7 we recommend.)
Set up two-factor authentication
Suppose a hacker steals your password and tries to log into one of your accounts that happens to share that password. If you haven’t changed it, they will automatically access that account-unless you use two-factor authentication (or 2FA).
2FA requires your password and code to access your account. This code can be sent to your phone via SMS (although this is not the most secure method), using a 2FA authentication application such as bGoogleauthenticator or generated via a physical security key. You should set up 2FA using any account that supports 2FA, including accounts that were previously compromised.
Complaint
These suggestions help protect you in the future, but they do not hold the company accountable. However, it is possible to complain: you can file a complaint with the Better Business Bureau (here is a specific link for Dish complaints), with the Federal Trade Commission for violations of your data privacy, and with the FCC for violations involving television and telephone companies.
Complaining is not guaranteed to have any effect, but it can help you in two ways. First, you are alerting these agencies to the problem at hand, and second, you are starting a written record that will serve you well if a lawsuit is filed against the company that caused you harm.
