Not much you can do except:

• change your password for that account that was breached. Also enable and consider reconfigure your MFA. The breach bypassed this, but it won’t hurt to reset it.

• but if you reused that same password for any other accounts, reset those passwords ASAP and do not reuse passwords for multiple accounts. Use a password manager like BitWarden to manage your passwords and also create sophisticated, unique passwords to help with this. The reason for this is if the breach stole your password and email/username, the hackers may try to use that information on other websites to see where else you used that same combo so they can break into those accounts with this newly acquired information. Some websites’ security is lacking, to say the least, and put your other accounts at risk.

• if in the US, freeze your credit. This isn’t foolproof, but it can help to make it slightly more difficult. Also consider getting something to monitor your credit and send you notifications if anything new has been set up with your credit. Most banks offer this either for free or for a monthly subscription now too. Or you can use something free like Credit Karma or the credit bureau to check. But a notification helps to stay on top if someone uses the information to get credit with your information. Not sure about those outside of the US, sorry.

• consider filing or joining a class action lawsuit. These fucking companies that lax security deserve to be sued to be reminded and shown as an example to others that we’re sick of having our information so easily accessed by hackers. They need to take security seriously or pay up to help ease some of the suffering and frustration we go through due to their incompetence. Suing them also forces them, in some cases, to buy subscriptions to monitor your credit which can be helpful.