How to Respond to a Data Breach

If you’re like most Americans, cybersecurity is always in the back of your mind, but it takes an event like Equifax’s massive data breach to bring it to full attention. After a breach that compromised the Social Security numbers of 143 million Americans, Equifax is facing scrutiny from the media, consumers, and even other businesses, because it is an extremely trusted and public company and is responsible for the biggest data breach of all time.

Important Steps to Take

These are the most important steps to take after you’ve suffered a suspected breach of data:

Prevent further data loss. The most important step to take after a breach is to prevent any further damage in the form of data loss. In some cases, the damage may already be done. In others, swift action could reduce the potential damage caused by the incident. Investigate to determine the root of the breach; if there’s a security vulnerability, patch it. If necessary, take your systems offline until you can figure out exactly what happened. It’s important to stop the bleeding before moving forward.

Secure your physical storage. Next, ensure the security of your physical storage, whether that’s with an in-house server, or hosted with a cloud provider. Check the integrity of your data, and the integrity of your backups to get a clear understanding of the situation.

Contact law enforcement. Cybercrime is still a crime, so your next step should be to contact law enforcement and file a report. Make sure you tell police officers exactly what happened, when it happened, when you realized it happened, and any other details you can provide. Cybercrime specialists will likely work with your team to investigate the matter more completely, and hopefully identify the culprits.

Announce the breach to customers. As quickly as possible, announce the breach to your customers. This won’t be fun, and you’re going to face significant backlash no matter what you say, but the sooner you address it, the better. Addressing the breach quickly shows that you’re on top of it, and that you’re transparent enough to admit the breach to your customers. Apologize, and explain what you’re doing to correct the problem.

Give customers clear steps to take. Your customers will likely need to take action after the breach, such as changing their passwords, watching their bank accounts closely for fraudulent activity, or even freezing their credit. Print a brochure to send out, or create a website that lists the next steps each customer needs to take to remain secure, and have your customer service staff available to address questions.

Address and correct misinformation. As people talk about the breach and the media reports on it, you’re likely to see significant misinformation circulating, such as rumors about what happened or bad advice on what steps to take next. Have your PR team proactively scout for this misinformation and correct it as soon as possible—you don’t want things to get any worse because of bad information.

