1. Website Planet
  2. >
  3. Blog
  4. >
  5. What to Do If Your Website Host Suffers a Data Breach

What to Do If Your Website Host Suffers a Data Breach

Harry Stewart
Harry Stewart
32
October 29, 2018

You’ve just got word that your website host has become the victim of a data breach.

And although the full extent is still unknown, it’s entirely possible your business has lost control of sensitive client information or other important data.

How you respond from here is of utmost importance.

After all, the cost of a data breach will frequently run into the millions.

This article explains what to do should you find yourself in this terrifying and increasingly common situation.

What to Do If Your Website Host Suffers a Data Breach

Prepare Ahead of Time

Granted, it’s a little late now to write an in-depth incident response plan. However, proper preparation is so important that we’ll cover it all the same.

After all, “prevention is better than cure,” as the old saying goes.

Work closely with your web host to ensure your software is up to date and the latest security protocols are in place.

If you’re running a business that deals with highly sensitive data, it’s best to invest in a system capable of providing a high level of security such as a dedicated server.

Aside from tightening up these areas, you’ll also want to draw up a data breach response plan ahead of time which includes the contact details of relevant third parties.

On a related note, you may also want to check out this article on ten things to learn from web host data breaches.

Review Your Obligations

Depending on where you’re based and the specifics of the breach, you may be obliged to report the situation to customers and the authorities within a set timeframe. Failing to comply with such legal obligations will add significantly to the magnitude of the breach.

Ask your web host if they can provide advice on who must be informed and when. If they’re unable to help, consider consulting an attorney.

Be careful not to forget your ethical obligations either. Oftentimes, it’s better to provide more information than what is legally required in order to keep customers informed and prepared.

Keep Calm and Follow Protocol

What to Do If Your Website Host Suffers a Data Breach

Take a deep breath and try not to panic.

The last thing you want is to formulate a haphazard response. In fact, studies show businesses that rush their responses lose more money in the long run. Follow your incident response plan methodically while ensuring you comply with all regulatory requirements.

A reputable web host will be able to help with a response plan, which typically follows these steps:

1. Identify the Breach

Work out how the breach occurred. Was it the result of ransomware, malware, an open firewall port, outdated software, or perhaps just a lost laptop?

2. Isolate the End Points

Once you’ve figured out how the bad guys got in, it’s time to find a way to keep them out. Isolate the vulnerable system and eradicate the affected endpoints to prevent further intrusion.

3. Let the World Know

Communication is a key component of an effective data breach response plan. More often than not, it’s a legal requirement as well.

Immediately let your staff, vendors, and third-party suppliers know about the data breach and how it affects them. Train in-house staff on how to respond to outside inquiries, which usually entails referring the matter to your public relations team.

Promptly inform customers of what’s happened, what data is at risk, and what you are doing to rectify the situation.

4. Investigate, Document, and Improve

Treat your data breach as a learning experience by investigating and documenting the relevant details.

Throughout the process, log all results through a data capture so you can perform an in-depth analysis.

Among other things, you’ll need to validate the breach, identify vulnerabilities, and formulate a mitigation and remediation plan.

Could you improve your network endpoint security, update your antimalware tools, or improve your antiphishing policies? Now is the time to earmark potential security improvements to safeguard your business from future data breaches.

Get Professional Help

Of course, following the above data breach response plan is easier said than done. After all, many small to medium-sized businesses just don’t have the in-house expertise. In these situations, it’s wise to seek outside help.

Depending on the specifics, your web host may be able to offer some assistance. However, it might be necessary to contract third-party specialists as well. Website security platforms such as Sucuri can be perfect for this purpose.

Legal firms can advise on reporting obligations, cyber-security specialists can provide technical assistance including a post-breach security analysis, and public relations firms can help formulate an effective communication plan.

Obviously, all this outside help is going to be expensive. However, depending on the nature of the breach, it could well prove to be a wise investment. A proper and professional response will reduce consumer fallout, rebuild trust in your brand, and ensure your business doesn’t make the same mistake again.

Tell the Truth, the Whole Truth, and Nothing but the Truth

Transparency is another crucial factor in responding to a data breach. Businesses needn’t only inform their customers of the occurrence, but they must also endeavor to be as honest and accurate as possible.

Use a variety of channels including social media and email to achieve the greatest communication reach. Clearly outline the facts as well as the steps your business has taken to mitigate the issue.

Not only will this approach help keep customers onside, but it may also be a necessary part of complying with your cybersecurity insurance policy if you have one.

Online payday loan company Wonga provides a great example of what not to do. Rather than promptly and directly informing affected customers, they uploaded a small notice in a difficult-to-see section of their website. Understandably, consumers weren’t impressed.

Don’t Forget Your Customer Service

Your resources will be stretched in the event of a data breach. Nevertheless, it’s paramount to keep customer service at the forefront during the entire ordeal.

Focus on customer service as a separate issue, especially if the breach has directly affected the customer experience. It may be necessary to train staff on how to deal with anxious customers or even contract additional help.

If possible, look for cost-effective ways to compensate affected customers.

Under no circumstances should you attempt to profit off the situation. Remember the Equifax data breach? The company later tried to charge anxious customers for freezing their credit reports, which further tarnished their already-battered reputation.

Responding to a Data Breach

Data breaches are a sad reality of the modern world, and small to medium-sized businesses are no less at risk.

By following an incident response plan with a methodical approach, you can reduce the impact of the breach and minimize the likelihood of it happening again.


Sources:

The Average Cost Of A Data Breach Is Highest In The U.S. [Infographic]: https://www.forbes.com/sites/niallmccarthy/2018/07/13/the-average-cost-of-a-data-breach-is-highest-in-the-u-s-infographic/#5af5b8f32f37

Data Breach: Why Small to Mid-Sized Businesses Are More Vulnerable Than You Think: https://www.ssnesbitt.com/small-mid-data-breach-vulnerability/

32 claps
Clap for the post if you found it useful!

Related posts

Show more related posts

Any comments?

0 out of minimum 100 characters
Required Field Maximal length of comment is equal 80000 chars Minimal length of comment is equal 100 chars

We check all user comments within 48 hours to make sure they are from real people like you. We're glad you found this article useful - we would appreciate it if you let more people know about it.

Share this blog post with friends and co-workers right now:

We check all comments within 48 hours to make sure they're from real users like you.

Once a month you will receive interesting, insightful tips, tricks, and advice to improve your website performance and reach your digital marketing goals!

So happy you liked it!

Share it with your friends!