Experiencing a breach of data at your business can be a catastrophe. The size of your breach and the type of data that was lost will dictate how you should respond. Some of the most high-profile companies — Yahoo, eBay, Equifax, and Uber, to name a few — have experienced major breaches over the last few years. The way a few of these corporations reacted has given the world some clear examples of what not to do when private customer data is exposed. FX Technology will share the top three mistakes companies make after a data breach.
Mistakes to Avoid After a Data Breach
1. Don’t Wait to Inform the Public
Waiting to inform the affected parties of the loss of their information can result in a worse situation for you and your customers. This can result in a further damaged reputation, loss of customer trust, and serious legal liabilities.
For example, nearly three billion Yahoo user accounts were exposed in August 2013, and a further 500 million in 2014. Yahoo didn’t inform users of the full extent of the breach until 2016. Yahoo has yet to fully recover from the damage to their reputation and the financial repercussions of the breach.
It is crucial to be open and honest after a data breach so consumers can properly protect themselves before real harm is done. While it may be tempting to keep a data breach under wraps until more information is uncovered in an internal investigation — you are risking extremely negative exposure and further damage to your customers.
2. Don’t Negotiate with the Attackers
Uber’s IT systems were breached in October 2016, exposing 57 million users — including 600,000 driver’s license numbers. Uber responded by paying the hackers $100,000 to destroy the data, using their “bug bounty” program — designed to reward security researchers who report flaws in their software. To the surprise of absolutely no one, the hackers kept the money and reneged on their half of the deal. A $148 million dollar legal settlement and the biggest embarrassment in the ride-hailing company’s history were the result.
The reality of a data breach is your business does not have the power in the situation. Report the breach and get to work rectifying the problem. Bargaining with a hacker is too big of a risk to both your company and your customers.
3. Don’t Use the Same Security Strategy
Far too often, companies experience a data breach and only make small changes to their security system to fix the one particular weakness that was exploited. The reality of the situation is the culture and infrastructure of your company is likely what lead to the breach. Instead of placing a band-aid over the problem, it may be time to bring in an experienced IT security team to perform a security audit. Finding an experienced IT management team to handle your security can ensure another leak doesn’t occur.
Contact FX Technology for Expert Managed Security Services
If you have experienced a data breach, or you simply want to ensure it never happens, contact FX Technology today. Our team of IT and security experts have the knowledge and experience to create a rock-solid security system for your business. Call our team today at 417-895-9223 or simply request a free IT audit online.