If you discover a data breach, you should immediately notify the proper authority and also:
- Document when and where you found the breach.
- Immediately remove all personally identifiable information (PII) from the jeopardized system to prevent further unauthorized access.
- Notify the individuals whose data has been compromised so they can take protective measures.
- Take actions to contain the breach to prevent any further compromise.
- Assess the breach by gathering facts and evaluating the risks.
- Notify affected parties as required by law, such as supervisory authorities within specified time frames (e.g., within 72 hours under GDPR).
- Conduct a thorough investigation and preserve evidence without destroying forensic data.
- After containment and notification, conduct post-incident review and take measures to prevent future breaches.
These steps help mitigate damage, comply with legal requirements, and protect affected individuals.
