Every day, the theft of personal and financial information puts people at risk of identity theft. Generally, thieves try to use the stolen data as quickly as possible to:

• Sell the information to other criminals.
• Withdraw money from a bank account.
• Make credit card purchases.
• File a fraudulent tax return for a refund using victims’ names.

Victims of a data loss should follow these steps to minimize the effect of the theft:

• Try to determine what information the thieves compromised. Compromised information may include emails and passwords, or more sensitive data, such as name and Social Security number.
• Take advantage of credit monitoring services when offered by the affected organization.
• Place a freeze on credit accounts to prevent access to credit records. It varies by state, but there may be a fee to place a freeze on an account. At a minimum, victims should place a fraud alert on their credit accounts by contacting one of the three major credit bureaus. A fraud alert isn’t as secure as a freeze, but it’s free.
• Reset passwords on online accounts, especially those of financial sites and email and social media accounts. Use different passwords for each account. Some experts recommend at least 10-digit passwords, mixing letters, numbers and special characters. Victims may also wish to consider using a password manager or app.
• Use multi-factor authentication, when available. Some financial institutions, email providers and social media sites allow users to set their accounts for multi-factor authentication, which requires a security code, usually sent as a text to their mobile phone, in addition to a username and password.

All taxpayers should keep a copy of their tax return. Taxpayers using a software product for the first time may need their Adjusted Gross Income amount from their prior-year tax return to verify their identity. Taxpayers can learn more about how to verify their identity and electronically sign tax returns at Validating Your Electronically Filed Tax Return.