Managing the situation after a data breach

It seems like there is a news report about a new data breach inside of yet another organization almost weekly. Data breaches are almost becoming a new type of normal. We expect that they’ll happen. 

Have you recently been notified that your data was included in a data breach? Just recently a North Texas county found itself in the unenviable position of needing to send letters out to every person who had signed up with the county for a COVID-19 vaccination. They’d experience a data breach. Every person who’d received a vaccination through the county had their personal data exposed to would-be criminals. 

Your organization may be taking the necessary steps to protect against hackers and data breaches, as much as is possible. But are you planning for the steps that you should take immediately after the breach is identified? Managing the situation is just as important as is working to prevent the situation. Public perception and the trust your customers have in you can flip quite easily if the wrong steps are taken.  

What are the right first steps? How do you assess the damage and the loss? Who do you speak to? Who can help? 

The answers can vary between businesses and the type of breach that you’ve experienced. Keep in mind that it’s not just the loss of data and the potential for financial losses. You risk the reputation of your brand if things are mismanaged. 

Why did the data breach happen? 

A data breach exposes proprietary corporate secrets, consumer information, and other personal data. Why did it happen to your company?  

We may not want to admit to it, but our largest IT security threat tends to be the human factor. A lack of awareness and cyber-savvy behavior amongst employees can be a contributing factor to the increasing cyberattacks we’re seeing around the world. 

These numbers can be controlled by minimizing the potential for human error with employee training sessions and cyber-awareness briefs. 

If your organization did not establish and stick to stringent security measures, it may face a data breach at least once. The frustrating part for your business is that the breach may go undetected for some time. Think of it like a slow leak in a tire. You may not initially know when the nail punctured your tire. Over time you will start to see the tire getting softer, until one day it’s undeniable that you’ve had something go wrong with the tire. The damage is done at that point.  

It is vital that organizations invest in robust security solutions to ensure their sensitive data and customer information can remain secure. 

You may be wondering why your business was targeted. Perhaps you sell plungers and bathroom accessories in Las Vegas? That hardly makes you a big mover and shaker in the corporate world. However, the data you have contained within your network is of great interest to cybercriminals. Within your systems you’ll have names, phone numbers, addresses, and financial details for each of your customers. Even just the credit cards you have on file for your customers can be of great interest to the cyberthief.  

Any bit of information that the machines on your network contain can be useful for a criminal. What should your next steps be? 

Take immediate steps to secure your systems 

Once you have detected the breach, your first step should be to secure your systems as fast as you can. The only thing that is worse than your company experiencing a data breach is your company experiencing multiple data breaches. It’s imperative that you secure your network so that you can minimize further risk. 

With an idea as to the source of the attack, you can begin the process of reformatting, restoring and resolving the fallout from the attack. It may be beneficial to bring in a third-party IT security team to help you to locate each source of the breach and to secure your system against further attacks. 

Next steps after the breach 

With your network secure, you need to put your investigator hat on and try to determine the extent of the damage that was done by the breach. 

  • Begin with an audit of your system and each of the devices that were used to access your system.  
  • If the breach begins to look like it was the result of human error, you will need to take steps to minimize a repeat breach by offering training sessions for each of your employees and contractors. 
  • Identify the customers and accounts that may have been impacted by the data breach.  
  • Evaluate each of the technologies that are being leveraged currently so that you can determine whether there is another option to provide you better protection. 

Security experts agree that adding robust authentication and authorization layers can be helpful in minimizing future breaches.  

Notifying the impacted individuals and businesses 

One of the most important things that your business needs to do is to reach out to the individuals who have been potentially impacted by the breach. During the course of your investigation, you will be able to discover each of those who were impacted. You may not be able to necessarily know the full extent of the breach but notifying those involved is a good step for your business to take. 

In your email or letter, be sure that you mention the date and time of the breach, while also mentioning the type of data that was potentially compromised. Be sure to discuss the next steps that you’re going to take to offer protection to their data as you move forward. 

If there is little evidence that your customers or employees had much of their data compromised, you may wonder just why it’s important that you contact them in the event of a data breach. 

All organizations, regardless of their size, should take steps to maintain their integrity and their positive reputation. Try as you might, a data breach is not something that you can easily hide from the public for an extended period of time. 

Prepare for the next security threat 

Once you’ve stabilized your network and the dust has settled from the breach, you can now focus on readying your organization for any future threats to security.  

Not taking the time to prepare your business for another cyberattack can leave the business and your customers vulnerable. Establish new company-wide privacy policies to help avoid any future breaches, as you also prepare a recovery plan that will take your new security features into consideration. 

Don’t forget that investing in team training is one of the best ways to guard your business against future cyberattacks that can potentially result from human error. 


The ever-increasing cases of data breaches depict a deep need for a robust authentication and security solution for each organization responsible for the protection of customer data. 

Businesses of all sizes should invest in stringent security measures that can help to avoid the risks of cybercriminals making their way onto your company network.