Experiencing a Breach?
First Aid
We recommend following these first steps before doing further actions.
Contact Us
Please fill out the form below. Our team will contact you back shortly. If necessary, we support you with effective forensic analysis and cleanup.
1. Stay Calm and Assess the Situation:
It’s crucial not to panic. Stay calm, and gather as much information as possible about the nature and scope of the breach.
2. Isolate Affected Systems:
Immediately isolate the compromised systems from the network to contain the breach and prevent further spread. This includes disabling remote access. Don’t shut down the systems.
3. Document Everything:
Record all actions taken, and observations made. Log all dates, times, and details of the breach. This documentation is critical for understanding the breach and for subsequent investigations.
4. Notify the Incident Response Team:
Immediately inform the incident response team, even before forensic experts get involved. They can start preliminary assessments and help in mitigating the impacts.
5. Change All Credentials:
Discuss this with the Incident Response team. Sometimes it may be better to orchestrate a remediation and combine the password resets with other remediation tasks, e.g., like removing the backdoors. Reset all passwords, especially for critical systems and accounts that the attackers might have accessed. Enable multi-factor authentication where possible.