If your business has experienced a data breach, you are probably wondering what to do next.
Key steps include:
- Securing physical areas potentially related to the breach, locking them, and changing codes if necessary
- Stopping additional data loss by taking all affected equipment offline immediately, being careful to not turn machines off or destroy evidence
- Monitoring all access points to your system (if a hacker stole credentials, you’ll need to change those credentials too, even if you’ve removed the hacker’s tools)
- Removing improperly posted information from the web and conducing a search to make sure other sites haven’t posted the information (if they have, ask them to remove it)
- Notifying law enforcement and all affected businesses and individuals
The guide also includes a model data breach notification letter.