Benjamin Hosack
2 min read

You suspect your website may have been hacked and your priority is to get your online business back up and running as soon as possible.  With a worldclass team of cybersecurity specialists, we can certainly help you to regain control of your website and secure your client data.

BUT, before you jump into fixing mode, here are a couple of critical steps you need to take to ensure you can handle any enquiries from law enforcement agencies, Visa, Mastercard, Amex and others if it turns out that payment card data has been stolen.

Step 1: Take a full back up of your website right now, before any changes are made.

  • Create a compressed backup of the entire web root.
  • Export any database associated with the website e.g. into a .mysqldump format.

Why is this important?
If your website has been hacked and criminals have stolen payment card data, it is likely that there will be an investigation initiated by the card brands and/or law enforcement.  If that happens, you need as much evidence to defend support the investigation and defend your business.  Get that backup done ASAP and store it securely in an offline location.

Step 2: Prior to removing any suspect files from your website, ensure you keep a copy in a secure, compressed, offline location.

Why is this important?
These files may be required to support investigations at a later date, so make sure you keep a copy of them.

Step 3: Document all steps taken in relation to any suspected incident.

A written log with timeline will help considerably in any investigation process.

Step 4: If cardholder data has been potentially stolen, the sooner you notify your processor and acquiring bank, the better.

Your acquiring bank will be able to advise you on the best course of action.  They will also be able to advise Visa, Mastercard, Amex and the other brands if payment card data has been stolen.  Additionally, if you can notify the card brands before they identify the breach through fraud analysis on the stolen cards, then you will be a far better position when it comes down to the assessment of responsibilities and liabilities. We would recommend you to do the notification in writing/email so that you have evidence of the notification.

Incident Response Planning

Have you developed an Incident Response Plan?  If not, it may be worthwhile taking a look at our free Incident Response Planning Guide for tips on what you should be thinking about for your business.

Download our Incident Response Plan

If you need help:
We have a LOT of experience in managing situations involving the theft of payment card data, so if you're in any doubt about any of the above steps our team are able to help you.

Thanks once again and keep your online business safe.

 

Contact Us

Subscribe to our Blog

Contact Us

Access cybersecurity advisory services

 

Benjamin Hosack
Benjamin Hosack

Benj Hosack is a Director and co-Founder of Foregenix Limited. Foregenix is a specialist information security business delivering services in Forensics, PCI DSS, PCI P2PE, PA-DSS and information security solutions within the Payment Card Industry. Our technologies are designed to simplify security and PCI Compliance. Specialties: Cardholder Data Discovery - defining and reducing PCI DSS Scope / PA-DSS / PCI DSS / P2PE / Account Data Compromise Investigations. We are specialists in the Payment Card Industry and work with all types of companies in the payment chain (Acquiring banks, Processors, hosting providers, web designers, merchants, systems integrators etc).

See All Articles
SUBSCRIBE

Subscribe to our blog

Security never stops. Get the most up-to-date information by subscribing to the Foregenix blog.