Fiber optic cables feed into a switch inside a communications room at an office in London, U.K., on Monday, May 21, 2018. The Department of Culture, Media and Sport will work with the Home Office to publish a white paper later this year setting out legislation, according to a statement, which will also seek to force tech giants to reveal how they target abusive and illegal online material posted by users. Photographer: Jason Alden/Bloomberg via Getty Images
Fiber optic cables feed into a switch inside a communications room at an office in London, U.K., on Monday, May 21, 2018. The Department of Culture, Media and Sport will work with the Home Office to publish a white paper later this year setting out legislation, according to a statement, which will also seek to force tech giants to reveal how they target abusive and illegal online material posted by users. Photographer: Jason Alden/Bloomberg via Getty Images
PHOTO: Bloomberg/Bloomberg/Bloomberg via Getty Images
Now playing
02:18
How to protect yourself from hackers
This photo taken on August 4, 2020 shows Prince, a member of the hacking group Red Hacker Alliance who refused to give his real name, using his computer at their office in Dongguan, China
This photo taken on August 4, 2020 shows Prince, a member of the hacking group Red Hacker Alliance who refused to give his real name, using his computer at their office in Dongguan, China's southern Guangdong province. - From a small, dingy office tucked away in an industrial city in southern China, the Red Hacker Alliance -- one of China's most well-known patriotic "hacktivist" groups -- maintain battle in the country's nationalistic online war. (Photo by NICOLAS ASFOURI / AFP)
PHOTO: NICOLAS ASFOURI/AFP/AFP via Getty Images
Now playing
04:22
Analyst explains why hospitals are vulnerable to hackers
cybercrime, hacking and technology concept - male hacker in dark room writing code or using computer virus program for cyber attack; Shutterstock ID 1083511010; Job: -
cybercrime, hacking and technology concept - male hacker in dark room writing code or using computer virus program for cyber attack; Shutterstock ID 1083511010; Job: -
PHOTO: Shutterstock
Now playing
02:24
Remote work leads to growing concerns over cybersecurity
PHOTO: CNN
Now playing
05:14
A hacker stole $1 million from him by tricking his cell phone provider
SocialProof Security CEO Rachel Tobac uses social engineering to hack CNN tech reporter Donie O
SocialProof Security CEO Rachel Tobac uses social engineering to hack CNN tech reporter Donie O'Sullivan's accounts.
PHOTO: Graphics: John General/CNN
Now playing
04:35
Watch how a social engineering hack works
CNN Business
CNN Business' reporter Donie O'Sullivan ran his photo through Clearview AI's software during a demo at CNN's studio.
PHOTO: John General/Richa Naik/CNN
Now playing
02:33
Is this facial recognition app going too far? We tested it
Fiber optic cables feed into a switch inside a communications room at an office in London, U.K., on Monday, May 21, 2018. The Department of Culture, Media and Sport will work with the Home Office to publish a white paper later this year setting out legislation, according to a statement, which will also seek to force tech giants to reveal how they target abusive and illegal online material posted by users. Photographer: Jason Alden/Bloomberg via Getty Images
Fiber optic cables feed into a switch inside a communications room at an office in London, U.K., on Monday, May 21, 2018. The Department of Culture, Media and Sport will work with the Home Office to publish a white paper later this year setting out legislation, according to a statement, which will also seek to force tech giants to reveal how they target abusive and illegal online material posted by users. Photographer: Jason Alden/Bloomberg via Getty Images
PHOTO: Bloomberg/Bloomberg/Bloomberg via Getty Images
Now playing
02:18
How to protect yourself from hackers
BERLIN, GERMANY - JUNE 22: In this photo Illustration hands typing on a computer keyboard on June 22, 2016 in Berlin, Germany. (Photo Illustration by Thomas Trutschel/Photothek via Getty Images)
BERLIN, GERMANY - JUNE 22: In this photo Illustration hands typing on a computer keyboard on June 22, 2016 in Berlin, Germany. (Photo Illustration by Thomas Trutschel/Photothek via Getty Images)
PHOTO: Thomas Trutschel/Photothek/Photothek via Getty Images
Now playing
01:43
5 of the biggest data breaches​
People walk past a branch of the Capital One Bank on April 17, 2019 in New York City. (Photo by Johannes EISELE / AFP)        (Photo credit should read JOHANNES EISELE/AFP/Getty Images)
People walk past a branch of the Capital One Bank on April 17, 2019 in New York City. (Photo by Johannes EISELE / AFP) (Photo credit should read JOHANNES EISELE/AFP/Getty Images)
PHOTO: JOHANNES EISELE/AFP/AFP/Getty Images
Now playing
01:51
Romans: Don't trust companies to protect your data
PHOTO: Frederick M. Brown/Getty Images
Now playing
00:45
Weather Channel goes off air because of 'malicious software attacks'
LONDON, ENGLAND - AUGUST 09:  In this photo illustration, an image of the Google logo is reflected on the eye of a young man on August 09, 2017 in London, England. Founded in 1995 by Sergey Brin and Larry Page, Google now makes hundreds of products used by billions of people across the globe, from YouTube and Android to Smartbox and Google Search.  (Photo by Leon Neal/Getty Images)
LONDON, ENGLAND - AUGUST 09: In this photo illustration, an image of the Google logo is reflected on the eye of a young man on August 09, 2017 in London, England. Founded in 1995 by Sergey Brin and Larry Page, Google now makes hundreds of products used by billions of people across the globe, from YouTube and Android to Smartbox and Google Search. (Photo by Leon Neal/Getty Images)
PHOTO: Leon Neal/Getty Images Europe/Getty Images
Now playing
02:39
Here's why it's so hard to spot deepfakes
HANOVER, GERMANY - MARCH 05:  A visitor types on a laptop computer at the Google stand the day before the CeBIT 2012 technology trade fair officially opens to the public on March 5, 2012 in Hanover, Germany. CeBIT 2012, the world
HANOVER, GERMANY - MARCH 05: A visitor types on a laptop computer at the Google stand the day before the CeBIT 2012 technology trade fair officially opens to the public on March 5, 2012 in Hanover, Germany. CeBIT 2012, the world's largest information technology trade fair, will run from March 6-10, and advances in cloud computing are a major feature this year. (Photo by Sean Gallup/Getty Images)
PHOTO: Sean Gallup/Getty Images Europe/Getty Images
Now playing
02:32
Google+ to shut down after security bug
A lit sign at Facebook
A lit sign at Facebook's corporate headquarters location in Menlo Park, California, on March 21, 2018.
PHOTO: JOSH EDELSON/AFP/Getty Images
Now playing
03:39
Exclusive: Is Facebook doing enough to stop election meddling?
Now playing
02:54
A new approach to cybersecurity: Let the hackers in
Now playing
02:46
Inside China's biggest gadget market
(CNN Business) —  

Millions of Capital One customers have been affected by a data breach that the bank says happened in March when a software engineer allegedly exploited a vulnerability to access its systems.

Approximately 100 million people in the United States and 6 million more in Canada are affected, the company said, with about 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers and 80,000 bank account numbers compromised.

If you’re a Capital One (COF) customer worried about your data, there are immediate steps you can take to safeguard your personal information, experts say.

Here’s what you should do.

Don’t panic

First off, “get ready to spend some time and energy,” to make sure everything’s in order, said Erica Sandberg, a consumer finance expert based in San Francisco.

The bank says it will notify everyone who was affected by the breach, and offer them free credit monitoring and identity protection services.

Take advantage of those services.

Check your accounts now

Look over your credit card and banking statements, and report any suspicious activity to the bank as soon as possible.

“If you find suspicious activity on your credit card, banks like Capital One allow you to freeze your card so that purchases can no longer be made,” said Sara Rathner, a credit card expert at personal finance website NerdWallet.

“You can do this easily on the Capital One app or online.”

Some experts suggest being extra cautious to avoid potential future hacks.

“Change your passwords on all accounts,” said Sandberg. “Yes, again.”

Freeze your credit

Taking this step means that no one will be able to access your credit reports without your permission. In other words, if someone tries to take out a loan in your name, banks can’t review your report so they won’t authorize the credit.

“This can be done for free online through each of the three main credit bureaus: Experian, Equifax [and] TransUnion,” said Rathner.

Just be aware that it could lead to inconveniences, too.

“You can unfreeze it for your own applications but there will be a short delay. If you’re buying a home, vehicle, or applying for a loan or credit card, give yourself time to work on this,” said Sandberg.

“A lender or business won’t be able to gain entry to your credit file until you unfreeze it.”

Stay vigilant

Cybersecurity attacks happen all the time, but there are some best practices that could help protect your information in the future.

The key is staying vigilant, experts say.

One way to do that is to sign up for a credit monitoring service, if you’re not offered one by the bank and are still worried.

You could also check your credit reports yourself to make sure fraudulent accounts haven’t been opened in your name — and flag any reported balances that don’t match up to your statements, said Rathner. Do this at least once every quarter.

Another option is to request notifications about activity on your accounts from banks and other service providers. “If the companies offer activity alerts via text or email, it may make sense for you to sign up for them,” writes cybersecurity giant Norton by Symantec.

Watch out for scams

“Don’t respond to phone calls or emails from creditors,” warns Sandberg. “Call them using the phone number you find on the legitimate website.”

Also, check that you’re only visiting secure sites when browsing the web. “Reputable sites begin with https://. The “s” is key,” says Norton by Symantec. “This is especially important when entering credit card or other personal information.”

Lastly: Remember this could happen to anyone, anywhere.

“There are countless hacks going on all the time. We just don’t hear about them because they’re smaller, and the lenders and security teams tend to catch them before damage is done,” said Sandberg.

“I’m a Capital One cardholder and will be doing all of this.”