Your Phone Is Stolen. Your Laptop Gets Lost. Here's What to Do.
Miguel Porlan for NYT Wirecutter
By Dave Gershgorn
Dave Gershgorn is a writer covering monitors, laptops, and tablets. He is a certified display calibrator through the Imaging Science Foundation. Updated June 26, 2025
On a humid August night in Ferguson, Missouri, about 10 years ago, my phone was stolen.
I was working as a photojournalist covering the protests against Michael Brown's killing, and amidst the bustle of the packed street, my phone was snatched out of my lap. I chased after the thief, but as we made a turn off the boulevard, and the streetlights grew sparse, I gave up. My phone was gone.
That had never happened to me before, and I felt completely lost. I was far from my home in New York, I had no way to communicate with my family and friends and no way to get up-to-date information about what was happening around me, and I didn't have my saved travel plans or airline ticket home — or even any music. And suddenly all of that information was in someone else's hands.
After I returned home, I bought a new phone and set it up from scratch. I still had my photos and contact data saved in Apple's iCloud, but to this day, I don't know everything I might have lost.
A decade later, it's much easier to recover a phone — and all the personal information on it. Apple, Google, and Microsoft have each built location-tracking services, which allow you to track your device's last known location on a map in real time. Google added an AI-powered feature to Android phones that is designed to detect when your device has been snatched and locks the phone screen to make it harder for a thief to access your data.
Although these tools give you options if your device is stolen, they don't ensure that your data is completely protected. Dave Lewis, global chief information security officer at identity security company 1Password, told Wirecutter that the average criminal might not be able to circumvent facial recognition or a fingerprint reader and will most likely flip the device to someone else for parts.
'But for an attacker with any sort of technical savvy, if they have physical access to the device, it's game over,' Lewis said.
Today, I would do things differently, taking a few steps before my device is stolen as well as after. This is what I'd do. Explore all articles
1. Enable your device's Find My device-tracking tool. Finding your phone is easier if you have its Find My location-tracking feature enabled. Apple, Google, and Microsoft all have versions of this tool, which allows you to locate your device on a map, display a message on its lock screen, or play a sound on it remotely so that you can try to find it if it's nearby. We also recommend turning on a feature in iOS called Stolen Device Protection, which requires the person unlocking your phone to verify their identity with Face ID or Touch ID, wait an hour, and then verify again before being able to change sensitive information such as account passwords. Google has made a similar feature, called Identity Check, available for some Android phones.
2. Set your device to automatically create backups. Unless the phone's data is backed up, security experts told us that it's nearly impossible for the average person to retrieve information from their phone once it's already lost or stolen. If your phone is lost or stolen, you'll still be able to access data on Instagram or even your to-do list app, since most apps store information in the cloud and send it to your phone when you need it. But all the little things that make your phone yours, such as your settings and backgrounds, the way you arrange your apps, and anything you might have saved locally in your Files app, can be saved only if you've backed them up beforehand.
Both iOS and Android let you schedule regular automatic backups of all your apps and settings, which is absolutely essential. If you have a recent copy of your backup and don't need any of the information on the phone, you can remotely wipe all the data off it without losing too much. Otherwise, you're stuck trying to find and recover your phone.
3. Encrypt and back up your laptop. It can be particularly challenging to recover data from a stolen or lost laptop, since you're far more likely to have saved files to its hard drive rather than storing them in the cloud. By encrypting your hard drive, which is an option in both macOS and Windows, you can prevent attackers from extracting that data with their own tools if they don't have your password. We also recommend backing up your important files to an external hard drive that you store in a safe location, so you can recover your photos and documents even if your laptop is gone for good.
4. Use a password manager. A password manager is an essential service that we recommend to improve your online security. (We recommend 1Password or Bitwarden.) It works by creating and autofilling unique passwords for all of your accounts, and in turn you need to remember and safeguard only the master password to the password manager. Your data stays encrypted until the master password is entered, and you can deauthorize the device if it's stolen or lost to remove the potential of your passwords being accessed altogether.
5. Turn off message previews and lock Control Center access. If anyone looking at your phone can see messages as they pop up, that means thieves can also see two-factor authentication codes. That gives the thief an opportunity to crack into any accounts that send you a code when you log in. iOS and Android both give you the ability to hide message previews until your phone recognizes your face. (If you mark your phone as lost in the Find My feature, that automatically turns off message previews remotely.)
You can also turn off certain features of the lock screen, such as the Control Center, which gives quick access to Wi-Fi and other settings, until the phone has been unlocked by facial recognition.
Share this article with a friend.
Prevention, as they say, is the best cure, but life doesn't always unfold so neatly. If your phone, tablet, or laptop gets lost or stolen right this moment, don't panic. Here are the things you should do.
1. If your device was stolen, report the theft. Immediately after your device is taken, report it stolen to the police. If the missing device is a phone, report it to your cell carrier. Many carriers require you to give a previously established PIN to verify your identity and will then freeze your number (for more details, see information from AT&T, T-Mobile, and Verizon) until you add a new phone. The carrier will then block the old phone's unique serial number from connecting to its network.
2. Remotely lock down the device. If you enabled the Find My feature prior to the loss or theft, both Apple and Google give you options to remotely lock down your device. For an iPhone, you can visit Find Devices and mark the item as lost. For an Android phone, navigate to the Secure device setting in Google's location-tracking tool. Locking down the device makes it harder for thieves to access your Google account, pay using saved cards, or see alerts.
3. Revoke access to apps and remove multi-factor authentication. If a thief has your phone and is able to unlock it somehow, you should limit their ability to receive one-time passwords for your bank, for instance, or use applications that are permanently logged in. We recommend removing your phone as a multi-factor authentication device if you haven't turned off message previews as recommended above, if you have an easy-to-guess password, or if your cell phone line isn't frozen yet. Ronnie Manning, chief brand advocate for security key maker Yubico, separately recommends making a list of your most sensitive accounts, such as Google or Facebook accounts that you use to log in to other accounts, and then revoke your device from those accounts if it's stolen. You can usually find these settings under names like 'Account Access' or 'Security.'
4. Erase the device. With the Find My feature enabled before loss or theft, both Apple and Google will allow you to wipe data such as apps and photos from your stolen or lost phone while still being able to track it. Note that you should only wipe the device's data using the Find My feature, not fully remove the device from your Apple or Google account — that would allow the thief to set it up as new.
Now, it's time to get a new phone or laptop. Luckily, we have some recommendations.
This article was edited by Caitlin McGarry and Jason Chen.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
CNET
15 minutes ago
- CNET
Free Money from 23andMe's Data Breach Settlement: Here's How to File Your Claim
Hackers used a credential stuffing attack to gain access to 23andMe accounts in October 2023. Getty Images/Viva Tung/CNET Ever used 23andMe? Well, now you may be able to get paid as part of the company's ongoing class-action settlement, but you'll have to move quickly. It's been a tough few years for the once-popular ancestry-tracking service, which in 2023 was struck by a prolonged data breach that allowed hackers to gain personal data for about half of the company's 14 million customers. The company has struggled ever since then and filed for bankruptcy in March 2025. It is now being acquired by TTAM Research Institute, a nonprofit led by 23andMe co-founder Anne Wojcicki, which outbid Regeneron Pharmaceuticals. The San Francisco-based company, which allows people to submit genetic materials and get a snapshot of their ancestry, announced in October 2023 that hackers had accessed customer information in a data breach. A January 2024 lawsuit accused the company of not doing enough to protect its customers and not notifying certain customers with Chinese or Ashkenazi Jewish ancestry that their data had been targeted specifically. It later settled the lawsuit for $30 million. "We have executed a settlement agreement for an aggregate cash payment of $30 million to settle all US claims regarding the 2023 credential stuffing security incident," a 23andMe spokesman told CNET. "We continue to believe this settlement is in the best interest of 23andMe customers, and we look forward to finalizing the agreement." A few months after that decision, there's now an official method available to make a claim and potentially get paid by 23andMe, in some cases as much as $10,000. Keep reading to get all the details you need, and for more, find out why T-Mobile settlement checks have been delayed and discover whether you can claim a piece of Apple's Siri privacy settlement. How many people did the 23andMe data breach hit? The settlement could cover roughly 6.9 million 23andMe customers whose data was targeted. To qualify, 23andMe customers must also have been US residents as of Aug. 11, 2023. That 6.9 million number includes around 5.5 million customers of 23andMe's DNA Relatives profiles, which lets people find and connect with genetic relatives. The other 1.4 million people affected by the breach used another service known as Family Tree, which predicts a family tree based on the DNA users share with relatives, 23andMe said. How much money could I get from the settlement? At the top end, 23andMe has said it would pay out up to $10,000 with an "Extraordinary Claim" to each customer who can verify that they suffered hardships as a direct result of their information being stolen in the data breach that resulted in unreimbursed costs. This includes costs from "identity fraud or falsified tax returns," acquiring physical security systems, or receiving mental health treatment. Residents of Alaska, California, Illinois and Oregon who were affected by the data breach can also apply for a payment as part of the proposed settlement, since those states have genetic privacy laws with damages provisions. The payments for these individuals are expected to be around $100, depending on how many people file for them, a settlement document said. Also, a smaller subset of affected users whose personal health information was impacted by the breach will be able to apply for a payment of $100. Infographic: Gianmarco Chumbe/CNET. Photo:Will the 23andMe settlement include anything else? Beyond those payments, 23andMe will also offer impacted users three years of a security monitoring service called Privacy Shield, which filings described as providing "substantial web and dark web monitoring." How can I file a claim for the 23andMe settlement? To file a claim electronically, you can use this official online portal from the Kroll Restructuring Administration. An additional online form is available if you would like proof of your claim sent to you. Potential claimants can also download and print out hard copies of the claim form and proof of claim form if they wish to submit them by mail. If you plan to use this method, send your forms to one of the addresses listed on the claims website. The deadline to make a claim is July 14. For more, you can read about how class action lawsuits work.
CNET
25 minutes ago
- CNET
AT&T to Pay $177M in Data Breach Settlements. See if You're Eligible
AT&T customers injured by data breaches have been placed into two classes. AT&T/CNET In April 2024, a major data breach of AT&T customer records resulted in a remarkable 110,000,000 victim notices, according to the Identity Theft Resource Center's 2024 Annual Data Breach Report. The price tag for those privacy violations -- combined with another 2019 data breach -- now appears to be set at a similarly impressive $177 million. On Friday, June 20, US District Judge Ada Brown granted preliminary approval to the terms of a proposed settlement from AT&T that would resolve two lawsuits related to the data breaches. The current settlement would see AT&T pay $177 million to customers adversely affected by at least one of the two data breaches. The settlement will prioritize larger payments to customers who suffered damages that are "fairly traceable" to the data leaks. It will also provide bigger payments to those impacted by the larger of the two leaks, which began in 2019. While the company is working towards a settlement, it has continued to deny that it was "responsible for these criminal acts." For all the details about we have about the settlement right now, keep reading, and for more info about other recent settlements, find out how to claim Apple's Siri privacy settlement and see if you're eligible for 23andMe's privacy breach settlement. What happened with these AT&T data breaches? AT&T first confirmed the two data breaches last year, announcing an investigation into the first in March before confirming it in May, followed by confirmation of the second one in July. The first of the confirmed breaches began in 2019. The company revealed that around 7.6 million current and 65.4 million former account holders had their data exposed to hackers, including names, Social Security numbers and dates of birth. The company first began investigating the situation last year after it reported that customer data had appeared on the dark web. The second breach began in April of 2024, when a hacker broke into AT&T cloud storage provider Snowflake and accessed 2022 call and text records for almost all of the company's US customers, around 109 million in all. The company stressed that no names were attached to the stolen data, and two individuals were arrested in connection with the breach. Both of these incidents sparked a wave of class action lawsuits alleging corporate neglect on the part of AT&T in failing to sufficiently protect its customers. How will I know if I'm eligible for the AT&T data breach settlement? As of now, we know that the settlement will pay out to any current or former AT&T customer whose data was accessed in one of these data breaches, with higher payments reserved for those who can provide documented proof that they suffered damages directly resulting from their data being stolen. If you're eligible, you should receive a notice about it, either by email or by a physical letter in the mail, sometime in the coming months. The company expects that the claims process will begin on Aug. 4, 2025. How much will the AT&T data breach payments be? You'll have to "reasonably" prove damages caused by these data breaches to be eligible for the highest and most prioritized payouts. For the 2019 breach, those claimants can receive up to $5,000. For the Snowflake breach, the max payout will be $2,500. It's not clear at this time how the company might be handling customers who've been affected by both breaches. AT&T will focus on making those payments first, and whatever's left of the $177 million settlement total will be disbursed to anyone whose data was accessed, even without proof of damages. Since these payouts depend on how many people get the higher amounts first, we can't say definitively how much they will be. When could I get paid from the AT&T data breach settlement? AT&T expects that payments will start to go out sometime in early 2026. Exact dates aren't available right now. The recent court order approving the settlement lists a notification schedule of Aug. 4 to Oct. 17, 2025. The deadline for submitting a claim is currently set at Nov. 18, 2025. The final approval of the settlement needs to be given at a Dec. 3, 2025 court hearing in order for payments to begin. Stay tuned to this piece in the coming months to get all the new details as they emerge, and for more money help, check out CNET's daily tariff price impact tracker.
Yahoo
32 minutes ago
- Yahoo
FCC chief had no discussions with White House on Trump Mobile phone
By David Shepardson WASHINGTON (Reuters) -The head of the U.S. Federal Communications Commission said on Thursday he had no discussions with the White House about the Trump Organization's self-branded mobile service and a $499 smartphone dubbed Trump Mobile. FCC Chair Brendan Carr, who was designated chair by President Donald Trump in January, told reporters he had learned about the project through a public press release and had no conversations with anyone outside the agency about it. "We're going to run our normal process if there's anything that needs to be done by the FCC on that," Carr said. "I think competition is a good thing - so think it's great we get more sort of entry, more competition." Trump Mobile is powered by Liberty Mobile Wireless, a Florida-based company founded in 2018 by entrepreneur Matthew Lopatin. The company operates as a mobile virtual network operator, renting bandwidth from major carriers such as T-Mobile to offer its own service under a different name. Separately, Carr said the commission is continuing to review CBS-parent Paramount Global's proposed $8.4 billion merger with Skydance Media. The FCC did not make a decision by the 180-day informal deadline in mid-May. "We continue to run our normal course review on that one," Carr said. Trump has sued CBS, alleging the network deceptively edited a "60 Minutes" interview with 2024 presidential candidate Kamala Harris to "tip the scales in favor of the Democratic Party" and the former vice president in the election. Trump's suit is seeking $20 billion. In January, Carr reinstated complaints about the "60 Minutes" Harris interview, as well as complaints about how Walt Disney's ABC News moderated the pre-election televised debate between then-President Joe Biden and Trump and Comcast's NBC for allowing Harris to appear on "Saturday Night Live" shortly before the election. CBS has urged Carr to dismiss the complaint, saying it did nothing wrong and that the complaint aims to turn "the FCC into a full-time censor of content."
