A data breach occurs when private, protected, or sensitive information is exposed to a person who is not authorized to view it. This could be the result of an accidental event or a malicious attack.
The root cause of a data breach can be attributed to many different things, including loss or theft of unencrypted devices, hacking into a system by exploiting software vulnerabilities, and social engineering attacks such as phishing where insiders are tricked into divulging information. Regardless of the specifics, there are some basic steps to follow after experiencing a data breach that will help mitigate the damage.
First, make sure to enlist the help of an outside forensic team to determine the extent of the breach. These experts will capture forensic images of affected machines and document evidence to aid in remediation efforts.
Once you have a forensic team in place, consider notifying law enforcement and people whose personal information was breached. Providing timely information can limit credit card fraud and other forms of identity theft for those individuals. If stolen data includes Social Security numbers, you should also notify the major credit bureaus so they can alert consumers and recommend they put fraud alerts or credit freezes on their accounts.
To reduce the risk of a breach in the future, implement robust security measures for new hires and departing employees. Ensure that access is granted based on job function and is monitored to prevent the “walk-out” of corporate data.