PanicStation.org
UK USA
uk Technology & digital loss laptop stolen • stolen laptop • computer stolen • device theft • lost laptop • personal documents exposed • sensitive files on laptop • identity theft risk • account takeover risk • email compromised • password manager on laptop • two factor codes on device • cloud sync on stolen laptop • remote wipe laptop • find my device • bitlocker filevault worry • work laptop stolen • home laptop stolen • documents with passport details • documents with bank details

What to do if…
your laptop is stolen and it contains sensitive personal documents

Short answer

Treat this like an account-security incident first: use another trusted device to lock/erase the laptop (if possible) and secure your email account immediately, because email is the “master key” for password resets.

Do not do these things

  • Don’t sign into accounts from a random/shared computer (hotel lobby, internet café) unless you have no choice — use your phone or a trusted friend’s device instead.
  • Don’t assume “it’s probably fine” because there’s a login password — focus on what accounts were already signed in and what files were stored locally.
  • Don’t post public details about the theft (exact location, “find my device” screenshots, serial numbers) where someone could use them to scam you.
  • Don’t keep using the same passwords “until you have time” — the first hour is when you can prevent the worst outcomes.
  • Don’t engage with anyone who claims they “found it” and asks you to unlock it, read out codes, or click links — treat that as a scam.

What to do now

  1. Get to a calmer pause and write down the basics (2 minutes).
    Note: time last seen, location, and whether it’s a work device. If you have it: device name, make/model, and serial number (often in your purchase email or your device account page).

  2. Lock it or remotely erase it (only if you already set this up).

    • Use the “find/locate” service you normally use, or your work IT’s device-management portal.
    • If erase/wipe is offered, remember it may only complete when the laptop next connects to the internet. If you’re unsure, prioritise locking and removing access.

  3. Secure your email account first (the reset gateway).

    • Change your email password from a trusted device.
    • Sign out of other sessions/devices in your email security settings.
    • Check and remove any unfamiliar “forwarding rules”, “auto-replies”, recovery emails, or recovery phone numbers.

  4. Then secure the accounts most likely to cause rapid harm.
    Prioritise: banking apps, card accounts, payment services, your main cloud storage, and any password manager account.

    • Change passwords and sign out of other sessions where the service allows it.
    • If your password manager was on the laptop, change its master password and review the “devices/sessions” list.

  5. If the laptop had work/client/patient/student data: tell your employer/organisation immediately.
    Use the official IT/security contact. They may be able to disable access, trigger an enterprise wipe, and handle any data-protection reporting duties.

  6. Report the theft to the police and keep the crime reference number.

    • If you’re in immediate danger, call 999.
    • Otherwise report via your local force’s online reporting or 101, and keep the crime reference number for insurers/employers/providers.

  7. If you think the documents could enable fraud, add friction to identity checks.

    • Check your credit files with the UK credit reference agencies for unexpected searches/accounts.
    • If you’re higher risk (for example, scans of passport/driving licence, bank statements, NI number), consider an optional protective flag such as Cifas Protective Registration (a paid service).

  8. If you see signs of fraud or impersonation, report it promptly.
    Contact your bank/card provider’s fraud team right away, and consider reporting the fraud to Action Fraud (the UK’s national reporting centre for fraud and cybercrime).

  9. Make a quick “what was on it?” list while your memory is fresh.
    Examples: scans of passport/driving licence, bank statements, payslips, tax letters, tenancy documents, medical letters, client lists, saved passwords, browser sessions, backups. This list guides what you secure next.

What can wait

  • You don’t need to decide today whether to replace the laptop, upgrade security tools, or change every password you’ve ever used.
  • You don’t need to contact every organisation at once — focus first on email, money, and anything that can be used to impersonate you.
  • You can deal with insurance claims, device replacement, and tidy-up steps after the immediate account and fraud risks are contained.

Important reassurance

It’s normal to feel sick or frantic after a device theft — especially when personal documents are involved. Taking a few decisive steps (lock/erase if possible, secure email, then financial accounts) meaningfully reduces the chance of lasting harm.

Scope note

This is first-steps guidance for the first hours and day. If you later see signs of impersonation or financial fraud, you may need more specialised help (bank fraud teams, credit file disputes, employer data-protection support).

Important note

This is general information, not legal advice. If you believe you’re at immediate risk, contact the police using the appropriate emergency route.

Additional Resources
Support us