What Should You Do If Your Identity Is Stolen? (And How to Avoid It)

what to do if your identity is stolen

The past two decades have seen identity theft surge by a record 584%. This covers only reported incidents. Many victims go on for months and years before even finding out about a breach.

Needless to say, experiencing an identity-related crime can be disconcerting. How you respond and handle it will determine the extent of the loss you could potentially incur. Therefore, knowing what you should do when you discover your identity is stolen is critical for minimizing the damage and regaining control of your identity.

Essential Measures to Take When You Experience Identity Theft

A stolen identity can give way to various criminal acts.

With your personally identifiable information (PII), malicious actors could obtain credit cards, take out loans, file for tax returns, rent properties, or even receive medical services under your name. They could also assume your identity and target others for financial crimes, leaving you with legal fines and even criminal records.

Often, the consequences of identity theft are irreversible or may take years to rectify if left unaddressed. However, by taking effective measures, you can significantly reduce the impact and mitigate further crimes.

But your first reasonable step, before you do anything, should be to note down all the information and documents relevant to the incident. This could include call histories, email correspondences, bank statements, debt collector notices, security alerts, and the like. After that, take the steps outlined below as part of your personal recovery plan to take charge of the situation.

1. Inform the Organizations Impacted by the Identity Theft

The moment you realize a data breach has occurred, alert the relevant entities. Who you notify will depend on the specific incident.

Here are a few examples of the organizations you may need to contact.

Financial Institutions

If a criminal gains access to your payment details, speak to your bank and credit card issuers without delay.

Some financial institutions provide separate contact numbers to reach them during emergencies. If not, you can simply call them on the general hotline and ask them to freeze your accounts and cards to prevent unauthorized transactions.

Credit Bureaus

Keep in mind that the credit score of identity theft victims often takes a hit when criminals obtain debt under their names. You can protect yourself from such an event by notifying the three major credit bureaus—Experian, Equifax, and TransUnion—about financial information compromises.

They can help place a fraud alert, preventing scammers from receiving loans and credit in the future using your information.

Lenders and Insurers

When fraudsters take debt or make false insurance claims with your details, alerting the relevant organizations is important to help them trace the incident and prevent it from escalating further.

Healthcare Providers

If you suspect your social security number and health-related information are compromised, immediately inform your healthcare service provider.

Failing to do so could lead to grave repercussions. For instance, when fraudsters receive healthcare services under your name, inaccurate medical details can get entered into your files. This could mislead doctors to prescribe medication and treatments for conditions you don’t have.

Internal Revenue Service (IRS)

Your tax ID could allow scammers to file fake tax returns. To prevent this from happening, keep the IRS informed about relevant data breaches.

Sometimes, a single incident could lead to multiple unrelated events. For instance, a social security number compromise could result in criminals stealing your social security benefits, applying for loans, or obtaining medical services.

Therefore, you may need to alert several organizations about a data breach, considering the potential crimes that could take place. This is necessary for preventing future incidents.

avoid identity theft

2. Alert Government Authorities

Lodging an official complaint with your local law enforcement agency is essential, especially when you experience financial losses as a consequence of an identity breach.

You must also report identity theft to the relevant federal agencies.

One of the organizations to notify is the Federal Trade Commission (FTC). It has a separate website for identity theft victims to report incidents and create a personal recovery plan in detail.

Once you make a complaint, ensure you keep copies of the incident reports the police and FTC issue. These will be useful for disputing erroneous transactions and possible criminal charges you stand to encounter due to a data breach.

3. Scan Your Devices for Malware

There is a high chance that spyware, keyloggers, or similar malicious software is at the root of the data breach. If you don’t identify and remove it from your smartphone, laptop, or personal computer, it could continue to extract sensitive information, subjecting you to many more scams related to identity theft.

This is why your recovery plan must include a full malware scan of all your devices.

4. Change Your Passwords

If you know which personal accounts are compromised, immediately change your login credentials to prevent attackers from accessing them again.

Setting up new passwords for your other accounts, from email inboxes and social media to online bank accounts and shopping profiles, is also worthwhile as an extra precaution.

5. Apply for Replacements

Depending on the type of information criminals have stolen, applying for a new social security card, passport, driver’s license, tax ID, and other government-issued identity-related documents and numbers should be an important part of your recovery plan.

In addition, consider closing your existing accounts and opening new ones with banks, utility providers, insurance companies, and similar organizations if you think they are at risk. 

report identity theft

Preventing Identity Theft

Here are our top prevention tips to minimize the risk of a data breach and keep your identity safe.

Secure Your Digital Data

Sensitive information that could compromise your identity is not just limited to your social security number or tax ID. Even your account passwords, IP address, and geo-location details can allow criminals to identify and target you for identity theft.

To protect them,

  • Apply strong passwords that are unique and hard to guess.
  • Opt for a secure connection when using public wi fi.
  • Install malware protection to detect virus threats.
  • Keep all software, including your operating systems, up to date.
  • Be mindful of phishing scams that use impersonation techniques to extract personal and financial information.
  • Deactivate data tracking features, including cookies, search histories, cache, and password-saving facilities, devised by online platforms. 

Prevent Physical Data Theft

Identity theft doesn’t always involve sophisticated techniques. It can take place with a simple device or document theft, too.

To avoid such threats, be extra vigilant about your smartphone, laptop, and other devices that carry data, and prevent intrusions using passwords and biometric verifications.

Keep documents, such as your social security card, birth certificate, tax filing records, and bank statements, under lock and key. And always use a shredder when you need to dispose of documents carrying identifiable data. 

Verify Information

One of the top identity theft prevention tips experts suggest is corroborating communications before sharing personal or financial information.

For instance, double-check the source of emails, phone calls, or messages that request personal details or ask you to confirm what you have already provided to legitimate organizations. If you are unable to verify, avoid sharing your PII, following links, or downloading attachments shared by third parties.

If you think you know the relevant person or organization, use phone numbers you have already saved to contact them. When you don’t recognize them, there are plenty of free resources, such as search engines, to help you learn more information.

People search sites could be particularly useful for conducting background checks on unknown individuals and authenticating unfamiliar email addresses and phone numbers. These platforms compile databases using public records to give you access to large volumes of people data.

Nuwber, for example, lets you reverse search contact numbers to find out more about suspicious callers. It is one of the best resources to verify phone calls from unsaved numbers and confirm the authenticity of unsolicited messages. The platform’s capabilities encompass different search options. In particular, you can run a reverse email search to identify the owner of an email. Typing the name into Nuwber’s search field can also give you a lot of useful details about the individual.

Check Statements

You can detect early warning signs of identity theft by regularly reviewing statements and records sent by service providers. These include monthly bank and credit card statements, explanations of benefits from insurance companies, medical files, credit reports, etc.

Besides, pay close attention to letters from debt collectors, security alerts from reputed online platforms, and communications about new accounts and credit cards before you dismiss them as spam. These can all be signs of identity theft.

To Conclude

An identity breach can lead to costly and, sometimes, irreversible consequences. So, tackling it quickly with an effective recovery plan is essential.

If you suspect you have experienced such an incident, inform the organizations impacted by it and report identity theft to the police and federal agencies. Next, scan your devices for malware, change all your passwords, and apply for replacements of affected ID documents and personal accounts.

To safeguard yourself from potential threats, remember to protect your digital data and prevent physical data theft. Make use of free resources, such as search engines, people search sites, and other public records, to verify unsolicited communications. Don’t forget to check statements service providers send at regular intervals to identify transactions and activities you can’t account for.


Who can experience identity theft?

Unfortunately, anyone can encounter an identity-related crime, regardless of their age, gender, education, or financial standing.

How can criminals get hold of identity-related data?

Phishing is the most common technique reported by identity theft victims. In addition, malicious individuals could use hacking, malware, physical document or device theft, and third-party breaches to access your PII.

Which personal data is at risk of a breach?

All information that is unique to you can be at risk. This could range from your SSN, passport, and tax ID to credit card numbers, account credentials, and even your IP address.

What are the prevalent warning signs of a data breach?

Letters, bills, calls, and alerts about any type of activity that you don’t recognize could signal identity theft. These can include communications regarding new credit cards and debt applications, calls from debt collectors, transactions on your bank statements, and alerts about account sign-ins from new devices.

What are the common outcomes of identity theft?

Apart from financial losses, you can experience denial of services and even criminal charges as a result of a stolen identity.

Eugene Kirdzei
Eugene Kirdzei

Chief Technical Officer at Nuwber
With nearly two decades of experience in the IT industry, Eugene possesses comprehensive knowledge across his professional field, including in data management, data protection, and information search. Through his writing, he aims to provide valuable insights and practical advice on how to safely explore the online environment and leverage digital tools to enhance people’s lives.