FTC Releases New Data Breach Response Guide

If your business has experienced a data breach, you are probably wondering what to do next.
The Federal Trade Commission’s new Data Breach Response: A Guide for Business, accompanying video, and business blog can help you figure out what steps to take and whom to contact.
Key steps include:

• Securing physical areas potentially related to the breach, locking them, and changing codes if necessary

• Stopping additional data loss by taking all affected equipment offline immediately, being careful to not turn machines off or destroy evidence
• Monitoring all access points to your system (if a hacker stole credentials, you’ll need to change those credentials too, even if you’ve removed the hacker’s tools)

• Removing improperly posted information from the web and conducing a search to make sure other sites haven’t posted the information (if they have, ask them to remove it)

• Notifying law enforcement and all affected businesses and individuals

The guide also includes a model data breach notification letter.