Why is this important?
If your website has been hacked and criminals have stolen payment card data, it is likely that there will be an investigation initiated by the card brands and/or law enforcement. If that happens, you need as much evidence to defend support the investigation and defend your business. Get that backup done ASAP and store it securely in an offline location.
Why is this important?
These files may be required to support investigations at a later date, so make sure you keep a copy of them.
A written log with timeline will help considerably in any investigation process.
Your acquiring bank will be able to advise you on the best course of action. They will also be able to advise Visa, Mastercard, Amex and the other brands if payment card data has been stolen. Additionally, if you can notify the card brands before they identify the breach through fraud analysis on the stolen cards, then you will be a far better position when it comes down to the assessment of responsibilities and liabilities. We would recommend you to do the notification in writing/email so that you have evidence of the notification.
Have you developed an Incident Response Plan? If not, it may be worthwhile taking a look at our free Incident Response Planning Guide for tips on what you should be thinking about for your business.
If you need help:
We have a LOT of experience in managing situations involving the theft of payment card data, so if you're in any doubt about any of the above steps our team are able to help you.
Thanks once again and keep your online business safe.