Assessing the Damage
This is the first, critical step. Until you know the full extent of the damage, you’re in no position to respond to it or to begin undoing it. You also don’t want to make matters worse by responding to the breach incorrectly or inappropriately, so make a thorough assessment your very first order of business.
Shoring Things Up
This will be an ongoing process, but the first, most immediate thing to be done after a breach and an assessment is to change any and all passwords that might have been compromised. If there’s any doubt, change them anyway. There’s no need to leave the front door open for the hackers, who might slip in and do more damage while you’re trying to fix things.
In the longer term, of course, the “shoring up” process will also include identifying exactly how the breach occurred, and closing any security weaknesses or loopholes you have, to minimize the chances of such a breach occurring again.
Contact Relevant Parties
Depending on the size and nature of the breach, there may be a lot of “relevant parties” to contact. Target’s recent breach saw them having to reach out to literally millions of their customers, whose account information was compromised. Of course, it’s not just your customers. You’re also going to want to reach out to the financial institutions and vendors with whom you do business and even government institutions as appropriate, depending on exactly what data were stolen.
Get The Authorities Involved
The next logical step is to get law enforcement involved. Hackers are notoriously good at getting away with it, and even if you manage to bring them to justice, it’s going to be small financial consolation for you, but it will mean one less hacker trolling the internet.
Finally, any time you face a situation like this, there’s going to be a loss of trust between you and your customers, and between you and any other businesses you work with. Having someone on point who’s a deft hand at navigating those waters and keeping your customers and business partners updated is of critical importance. It’s not the first thing you should attend to, but you should not wait long before making an initial announcement. It is much better for your customers to hear the news from you than to hear about it on the news.
Though all of these things must be accomplished after a data breach, it is always best to seek the advice of your technology consultant. This is probably the best advice that can be given, as there are too many possible issues and variables for each breach.