How to Recover from a Data Breach

Shocked that someone broke into like this? Learning how to Recover from a Data Breach can help start the healing process

Have you ever left something personal of yours in a public place without realizing until coming up empty reaching in your pocket for it? A sudden nauseating feeling bubbles in your belly and a cold sweat dots your forehead. You know exactly where you left it, but it’s probably already gone.

You return to the spot you were at and, just as you guessed, it’s gone. It’s not in the lost and found and no one has reported finding it. Great, you’ll have to cancel your cards and pick up a new phone, setting you hundreds of dollars behind your savings goal. You’re mad at yourself, but you’re more upset with the jerk who saw an opportunity to steal your stuff and took it. You’re made angrier still because you know that you could have stopped it from happening in the first place.

This is what it’s like when a cybercriminal burrows into your server, lays eggs in your network and makes off with your SMB’s financial and client data.

Like the stolen wallet, your data could have been protected had your company been more vigilant about its cybersecurity. According to Stay Safe Online, 77 percent of U.S. small business owners think that their cybersecurity action plan works, even when no said plan is in place.

Cybercriminals target agencies and organizations that have little to no cybersecurity; they could be targeting you. Should a cyber crook make your business his mark, you’ll need to know how to respond.

Read on to learn more about the steps you need to take after your business has been breached.

Verify what data was frozen, stolen or destroyed: Before you can get an understanding of what happened in the breach, you’ll need to ascertain what the cybercriminal did with your company’s data and how classified said data is. Did the cyber thief steal only the telephone numbers of clients or did they make off with client and staff SSNs and birthdates?

Depending on what the cyber crook took, you may have to pay a fee to get the data back, but keep in mind it’s already been compromised and the information posted for sale on the dark web. Check to see the standing of the data; if it’s being offered on the dark web it’s too late to save it.

Immediately change all compromised passwords and login credentials: You don’t want the cybercriminal making themselves cozy in your network, so, you will need to change all password and login credentials. Keep in mind that it is better to use a passphrase than it is to use a passcode. Passcodes can be easily guessed and the cybercriminal will use this same password to get access to your other accounts. Sadly, 55 percent of internet users recycle the same password (or a differentiation of the same password) for all of their accounts. This makes the cybercriminal’s job incredibly easy. They don’t have to hack; you’ve given them your password!

Using a passphrase (a sentence as your passcode) will make it more difficult for the hacker to crack your code and encrypt your files. Try to use a different passphrase for every account.

Contact your insurance agent: Contact your insurance agent about the data breach ASAP. Your data breach insurance will cover the costs of the ransom, any equipment damage and even court fees you might have to pay should a client take you to court for not better protecting their private information.

Contact staff and clients affected: Contact all those affected in the data breach. The sooner you contact your staff and clients and report the situation, the faster they can cancel credit cards or other information so that the cybercriminal doesn’t have a chance to steal from them too.

It’s hard to imagine that there are people out there waiting for you to make a mistake so they can swoop in and make off with your data—but they do exist. Do what all smart business owners do: protect your business, protect your staff and protect your clients.