For companies of all sizes, a data breach seriously threatens their reputation. The impact of such an attack can be felt for months, if not years. By respecting proper data breach protocols, such as following local breach guidelines and assembling investigation groups, businesses can maintain company-client relationships and trust and productively manage the situation. Let’s explore data breaches in more detail, what to do if a company experiences a data breach, and how to prevent future ones from happening.

    What is a data breach?

    A data breach is an incident in which hackers gain access to a company's databases and make off with large amounts of customer data. These attacks can be carried out in various ways, from using compromised credentials to social engineering to having inside help.

    The threat is real. Recent research has uncovered that 51% of the investigated companies have either experienced breaches or failed audits. And when the breaches happen, they can be enormous. The adult website CAM4 breach in 2020 leaked 10.8 billion (with a b, yes) records, exposing the data of millions of users, including names, emails, IP addresses, payment records, etc. 

    Yes, I know that the population of Earth is below the 10.8 billion mark. We’re talking about individual records, not users. 

    Hackers usually carry out these crimes for profit — selling large reams of personal data on the dark web is profitable — though some may be motivated by activism, vigilantism, or vandalism. 

    What happens when a company suffers a data breach?

    The most common problems a data breach can cause are loss of trust, government fines, operational problems, and attorney fees. 

    Some issues like security investigations, theft of intellectual property, and a damaged reputation can persist for a long time. This is because of significant privacy loss, the long investigation after a breach, and potential crimes from leaked data. 

    In addition, some companies suffer not one but multiple data breaches over time, which is why it is essential to monitor and fix any data vulnerabilities as soon as possible. 

    Also, many believe that data breaches are a problem only for giant tech companies, but that is simply not true. Hackers commit more than 40% of all data breaches against small businesses, which means that any company can become a target. 

    How should a company respond to a data breach?

    If a data breach happens to your company, here’s what you should do:

    Create a data breach response team

    This is the first step to take and should be done immediately to mitigate the harm. Include people from teams like information technology, human resources, and legal, and assign a leader.

    Inform affected customers and other parties

    Transparency is key. The longer you take to disclose information to your customers, employees, partners, vendors, and appropriate government agencies, the harsher the consequences will be.

    Isolate affected systems

    You can prevent a breach from causing further harm if you identify the exact computer, server, or database that was compromised, whether by malware or through a phishing attack. Make sure to cut off its access to other devices and data.

    Find out the legal requirements in your country

    The requirements for data breach incidents vary by country and state. They provide guidelines on what to do: how to inform the affected customers, which government authorities you should contact, the consequences, etc.

    Investigate what data was leaked

    PII (Personally Identifiable Information) such as social security numbers, birthdates, phone numbers, and financial information (credit card numbers and bank account details) can complicate the situation. You should assess the possible damage and the measures you have to take.

    Encourage employees to change their credentials

    Changing passwords will restrict criminals’ access to other existing accounts. Make sure your employees use complex passwords that are at least 12 characters long, with upper-case and lower-case letters, numbers, and symbols. It’s also essential to use unique passwords so that other accounts remain safe.
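    As an added illustration (not code from the article or from Surfshark), the Python check below encodes the article's password rules (at least 12 characters with upper-case, lower-case, numbers, and symbols) and flags a password that is already in use on another account, which is the "unique passwords" rule. The credential vault, its PBKDF2-SHA256 storage scheme, and the sample passwords are assumptions constructed for the example.

```python
import hashlib
import hmac
import os
import string

MIN_LENGTH = 12      # the article's recommended minimum length
ITERATIONS = 100_000 # PBKDF2 work factor used by the hypothetical vault


def meets_policy(password: str) -> list[str]:
    """Return the policy rules the password violates (empty list = compliant)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if not any(c.isupper() for c in password):
        problems.append("no upper-case letter")
    if not any(c.islower() for c in password):
        problems.append("no lower-case letter")
    if not any(c.isdigit() for c in password):
        problems.append("no number")
    if not any(c in string.punctuation for c in password):
        problems.append("no symbol")
    return problems


def store(password: str) -> tuple[bytes, bytes]:
    """Hypothetical vault entry: a random salt and the salted PBKDF2 hash."""
    salt = os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def is_reused(password: str, vault: dict[str, tuple[bytes, bytes]]) -> list[str]:
    """Names of vault accounts whose stored hash matches the candidate password.

    Each account has its own salt, so the candidate is re-hashed per account;
    constant-time comparison avoids leaking how close two digests are."""
    matches = []
    for name, (salt, digest) in vault.items():
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
        if hmac.compare_digest(candidate, digest):
            matches.append(name)
    return matches


# Constructed sample vault: two accounts an employee already has.
VAULT = {"email": store("Correct-Horse-42!"), "bank": store("Blue$Lantern2024")}
```

    A password that passes `meets_policy` but shows up in `is_reused` should still be rejected, since one leaked credential would then open a second account.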

    Be transparent in your communication

    Schedule press releases that reveal the facts — don’t hide anything about the incident. Transparency will reduce the reputational damage for your company. Think about the questions that people might ask and answer them.

    Check your credit reports

    Suspicious transactions will appear in credit reports along with the places where the money was spent and at what time. You can then report the fraudulent charges.

    What can a company do about data breaches in the US?

    Aside from handling the breach internally, there are some external actions to take for a company affected by a data breach in the US. 

    Check your state laws on notifications

    You have to tell your customers about the breach, but how do you do that correctly? Breach notification requirements and legal obligations vary by state, so it’s vital to know which ones apply to your situation. These requirements can specify how affected parties should be informed (via email, cell phone, text message, etc.), which agencies must be notified if the breach affects more than 1000 people, and the penalties for not reporting the breach.

    Offer free credit monitoring and other support

    Identity theft protection services will be helpful to the harmed parties, especially if financial data or Social Security Numbers are exposed. This will help minimize the damage to your customers and your company’s reputation. 

    File a police report

    You need to contact the government after a data breach. If your local police department can’t handle cybersecurity cases, you should contact another branch or the FBI.

    How can companies prevent data breaches?

    Taking measures beforehand is always the better option. Here are a few tips:

    Keep your data security tight

    Have a team or someone capable (the IT person!) monitor your systems and patch any loopholes. This way, you should be able to avoid a breach altogether.

    Have legal help on standby

    Lawyers often specialize in one sphere or another, so it’s best to keep in contact with someone who knows a thing or two about data breaches.

    Restrict access to your most valuable information

    Only grant access to employees who need specific data, especially financial information (granting the employees access to more data than they need is a common mistake). This restriction will limit the amount of information hackers can obtain.

    Organize employee security training

    Security experts should organize training sessions a few times a year to spread awareness and sustain the habit. Ask employees to change their passwords. New accounts should have a solid and unique password, and any reused or weak passwords of existing accounts should be changed immediately. 

    Update software

    Updates contain security upgrades, so it’s essential to install them regularly. Outdated operating systems and programs are easier to crack, and hackers can easily steal personal information from them.

    Create a data breach response plan

    Having a plan means your team can act quickly and effectively if a data breach occurs, limiting the harm the breach can cause. 

    What should you do if your data was breached?

    If you’ve experienced a data breach, here are some actions you can take: 

    1. Use Surfshark Alert

    Surfshark Alert is a handy tool that scans the largest data breach databases and swiftly informs you about any old and new breaches of your data. Alert also lets you add unlimited email addresses, credit cards, and national IDs for data breach monitoring.

    2. Make sure the data breach notification is legitimate

    Hackers are known to send spam emails disguised as breach notifications. Make sure to check the website of the company that reportedly suffered the breach or contact it directly. Don’t click on any links — they could be a phishing attempt to get your personal information.

    3. Log in to the breached account and change your password

    Time is of the essence here. Follow the strong password recommendations mentioned before or use a password manager. Don’t reuse passwords from other accounts.

    4. Delete unused accounts

    It’s best to delete an account if you don’t need it. Doing so will reduce the unnecessary digital footprint and might help you avoid a breach entirely. 

    By taking action quickly, you may limit the amount of damage the data breach causes. Keep an eye on your accounts and report any suspicious activity straight away.

    Are companies liable for data breaches?

    Sometimes, companies are liable for data breaches. Businesses may have to pay up if the breach occurs because of mishandling of data and lack of security before the breach. The fines may be even higher if the breach involves such data as Personally Identifiable Information or financial data.

    Customers can sometimes sue the company if criminals cause damage with the stolen details. However, the process is different for every country and state, meaning that it highly depends on your local laws.

    In a nutshell, are company data breaches a serious threat?

    The short answer is yes. Data breaches are dangerous to companies, employees, and customers, as criminals can use the stolen data for crimes like identity theft and financial fraud.

    Spending your own money yourself is stressful enough. Having a complete stranger spend your money without your say-so is even worse. 

    So why not take advantage of Surfshark Alert to keep an eye out for data breaches?

    FAQ

    What steps should be taken immediately after a data breach? 

    After a data breach, the company should notify affected people and report the incident. A company should fix the breach and secure its systems to prevent further access from cybercriminals and hackers. 

    How is a company affected by a breach?

    If a company experiences a data breach, it may be at risk of legal consequences, disruption of operations, damage to its reputation, and financial loss. It’s essential to act as quickly as possible and be completely transparent with customers, employees, and partners to prevent any further damage.

    How can companies prevent a data breach?

    Companies can prevent data breaches by improving their security measures, conducting regular online safety checks, and training employees with a comprehensive program that teaches them the importance of cybersecurity. Creating a data breach response plan can also help prevent future incidents, enabling companies to act quickly and stop the situation from escalating.

    What is a data breach response plan?

    A data breach response plan is a document that outlines how a company will deal with a data breach. It describes what to consider an incident, the steps to take if the situation occurs, and the people to contact to ensure it’s dealt with quickly and appropriately.