Received a data breach notification in 1Password? Take these 5 steps

• Is my sensitive data safe?
• How much of my information was stolen?
• What am I actually supposed to do next?

Thankfully, 1Password has your back. Let’s break down what a data breach actually is, and walk through five simple steps you can take to secure your data in the event of a breach.

What is a data breach?

A data breach is when someone with malicious intent gains access to sensitive data, such as financial information or social security numbers, without the owner’s permission. This information may be sold on the dark web, held under ransom for payment, or leaked to the public.

How to protect your data in the event of a breach

Here are five steps that you can take right now to protect your data in the event of a breach.

1. Check Watchtower for data breach reporting

Watchtower is built right into 1Password. The data breach monitoring tool informs you about security breaches on the websites you use along with other vulnerabilities, like weak passwords or unsecured sites. Watchtower will provide you with details about the data breach analysis, including what information may have been accessed and the date of the breach.

Depending on the site that’s been compromised, sensitive data such as your credit card numbers, Social Security number, or banking information can be at risk. Check Watchtower and read the details of the data breach to help you decide on the appropriate next steps, like contacting your bank or credit card company.

Watchtower only notifies you of security issues with sites that you’ve saved, which is why it’s critical to add all of your accounts to 1Password. You can also check Watchtower at any time to find out if any lower-risk websites you use have been compromised.

Find out more: Use Watchtower to find passwords you need to change.

2. Use a password generator to change your passwords

If Watchtower alerts you of a data breach, you’ll need to change your password for the compromised site right away. The 1Password password generator will provide you with a strong, unique password that you don’t have to commit to memory.

Even if the breach didn’t include login information, it’s still best practice to change your password to ensure future breach protection. Many people use the same password for multiple websites, which increases the chance of someone nefarious gaining access. If you’ve reused passwords for different sites, one data breach can lead to several of your accounts being compromised. Take this opportunity to change any duplicated passwords and limit your vulnerability.

Find out more: Change your passwords to make them stronger.

3. Turn on two-factor authentication

If you’re given the option, turn on two-factor authentication (2FA) to add a second layer of security to your accounts, on top of your usual login details. This extra verification method means that even if someone else has your password, it’ll be much harder for them to gain access to your sensitive data.

When it comes to 2FA, text message verification is less secure than using an authentication app. Phones can be stolen, SIM cards can be counterfeited, and texts are often sent to more than one device, like a laptop or tablet.

Protect your data by using 1Password as an authenticator for sites with two-factor authentication. 1Password allows you to store and quickly access your one-time passwords when you turn on 2FA verification for a website. You can even use Watchtower to easily check for sites that offer two-factor authentication.

Find out more: Use 1Password as an authenticator for sites with two-factor authentication.

4. Secure your business with domain breach reports

If you use 1Password Business or 1Password Teams, create a domain breach report to get a list of all company email addresses affected by known data breaches. It lets you see which email addresses have been affected, as well as the type of data incident that you are facing, so you can immediately prioritize your next steps.

1Password allows you to send a customizable email notification to anyone impacted by the data incident to help them update their information as quickly as possible. This email will let your team know exactly what’s been breached and offer easy-to-follow instructions on how to address the risks.

If they’re not already using 1Password, you can also invite them directly from the report so they can generate strong, unique passwords and safely store them for easy access.

Find out more: Create a domain breach report for your company.

5. Be proactive: Use best practices for securing sensitive data

You don’t have to wait for the next data breach to tighten up your online security. Instead, be proactive and protect your information by making security a habit.

• Check Watchtower. See weak and reused passwords at a glance and get notifications about a data incident as soon as it occurs.

• Create strong, unique passwords. Always use a password generator, and never reuse passwords across websites.

• Protect your credit card numbers. Use Apple Pay or Google Pay, or try Privacy Cards to keep your card numbers confidential.

• Delete old accounts. Fewer accounts mean a smaller chance that you’ll be involved in a data breach.

1Password has you covered with data breach protection

Although data breaches can never be completely avoided, you can still be proactive with your online security. Think progress, not perfection. With 1Password, it’s easy to make a habit of staying on top of data breaches and protect your online presence.

Editor’s Note: This article was last updated on May 16th, 2022

Emily Chioconi

Content Marketing Manager