What to Do If You’ve Experienced a System Breach

Reading Time: 2 minutes

Share:

Share on facebook
Share on twitter
Share on linkedin

The moments after you have experienced a breach are of the utmost importance and can significantly impact your organization and the effectiveness of a forensic investigation. If you suspect a computer systems intrusion or breach, you should:

Immediately Contain and Limit the Exposure

The goal of containing and limiting the exposure is to keep the breach from spreading. If you are unable or uncomfortable performing any of the following steps, the Sikich Forensic Team will be able to assist you.

  • Do NOT access or alter compromised systems (e.g., do not log on or change passwords).
  • Do NOT turn off the compromised machine. Instead, isolate compromised systems from the network (e.g., unplug the network cable). If for some reason it is necessary to power off the machine, unplug the power source.
  • Do NOT shutdown the system or push the power button (because it can sometimes create a “soft” shutdown), which modifies system files.
  • Preserve logs and electronic evidence. A forensic hard drive image will preserve the state on any suspect machines. Any other network devices (such as firewalls, IDS/IPSes, routers, etc.) that have logs in the active memory should be preserved. Keep all past backup tapes, and use new backup tapes for subsequent backups on other systems.
  • Log all the actions you have taken, including composing a timeline of any knowledge related to the incident.
  • If using a wireless network, change SSID on the wireless access point (WAP) and other machines that may be using this connection (with the exception of any systems believed to be compromised).
  • Be on high alert and monitor all systems.

Alert All Necessary Parties Within 24 Hours

Be sure to notify:

  • Your internal information security group and incident response team, if applicable.
  • The card associations and your merchant bank if the breach is part of a cardholder data segment.
  • The local FBI office and/or U.S. Secret Service (file a complaint online at http://www.ic3.gov).

If you have experienced a data breach, get in touch with experts right away.

Data breach hotline: 888.403.3438

We understand time is critical. Contact us and our data breach experts will respond as soon as possible.

This publication contains general information only and Sikich is not, by means of this publication, rendering accounting, business, financial, investment, legal, tax, or any other professional advice or services. This publication is not a substitute for such professional advice or services, nor should you use it as a basis for any decision, action or omission that may affect you or your business. Before making any decision, taking any action or omitting an action that may affect you or your business, you should consult a qualified professional advisor. You acknowledge that Sikich shall not be responsible for any loss sustained by you or any person who relies on this publication.

SIGN-UP FOR INSIGHTS

Join 14,000+ business executives and decision makers

GET UPDATES FROM OUR EXPERTS
  • Hidden
  • This field is for validation purposes and should be left unchanged.

Upcoming Events

  1. Don’t Miss That Call: the Role of an Ethics Hotline in Your Internal Controls

    December 1 @ 8:00 am - 9:00 am CST

  2. The Employee Retention Credit: An In-Depth Overview for Bankers

    December 2 @ 8:00 am - 9:00 am CST

  3. Success Everywhere: Digital Workplace Strategies for Professional Services

    December 2 @ 10:00 am - 12:30 pm CST

  4. Penetration Testing Webinar

    December 8 @ 11:00 am - 12:00 pm CST

  5. Combatting Inflation – It’s Time to Evaluate the Benefits of LIFO

    December 9 @ 8:00 am - 9:00 am CST

View All Events

Latest Insights

View All Insights

About The Author

Sikich LLP

Sikich LLP

Sikich is a leading professional services firm specializing in accounting, technology and advisory services. For over 35 years, Sikich has been helping clients focus on overall business growth and the components that result in building the bottom line. Sikich has more than 1,000 associates and has been ranked as one of the country’s 30 largest accounting firms and among the top one percent of all enterprise resource planning solution partners in the world.

©2020 All Rights Reserved.   Privacy Policy   Disclaimer

white sikich logo