Popular articles

18 / 06 / 2016

Beyond the Keynote: MacKeeper Security Research Center Advises on Data Breach Emergency Plan

MacKeeper Security Research Center shares the most essential Dos and Don'ts following the data leakage.

On June, 18, hundreds of MacKeeper users and media representatives joined an exclusive webinar hosted by Chris Vickery, MacKeeper Security Researcher. During the 30 minute talk, Chris shared his experience as a data breach hunter and gave some insights into his discoveries, such as Microsoft, US Voter Database, Hello Kitty, uKnowKids child tracking service, and many others.

Here is the link to the recorded session of webinar: https://youtu.be/VhSDkUvyKZ8

In addition to the webinar, MacKeeper Security Research Center issues the emergency plan for companies experiencing data leakage.

“We discovered dozens of databases and witnessed how different companies responded to the incident and dealt with the aftermath. The problem is that the majority of company representatives still make basic mistakes when learn about the data breach. Data leakage is a stressful and disorienting event, that’s why, it is highly important not to panic and stick to a plan,” says Bob Dyachenko, MacKeeper spokesman.

MacKeeper Security Research Center outlines the best working tips and the common mistakes they have noticed as companies deal with data leakage.


Notify the internal team of IT department.

The first step is to investigate the cause for the leakage. This is the task for technical specialist to make an in-depth review of errors and identify what server has been compromised.

Contact the person who found the database.

If it’s possible, try to get in touch with the person who reported the data breach. This step is important mainly to get more information upon the flaw: which ports are open, what kind of personal information has been exposed and whether it has been secured. The answers to these questions will help to protect the database much faster and properly build the communication plan both with users and media.

Develop an emergency communication plan.

As soon as you have all information, make an official company statement containing the following information:

  • Unless your system was hacked, honestly admit the fault and accept responsibility.
  • Remember that this statement is made mostly for your customers, that’s why, describe what you're doing about the incident; what you are doing with affected sensitive data (if there was any sensitive data).
  • Update the statement as frequently as possible.

Inform all customers of the actions you've taken.

In addition to the statement, notify your customers that all steps have been taken to secure their data. Give the users an opportunity to get in touch with you and discuss their concerns. That’s why, internal communication is equally important as external. Your support team should be aware of the current situation.    


Do not invent stories and blame hackers for causing the data breach.

After uKnowKids.com database leakage, company’s representative tried the intimidation tactics against Chris Vickery and even tried to pretend his firm to be a victim of a hacker. Such stories are likely to come to the surface and show that your priority is not users but your reputation.

With so much sensitive information, immediate notice on uKnowKids’ site should have been the first step to calm down the concerned parents.

Do not claim that the database was fictitious when it’s real.

The recent case with Pacific Gas and Electric, electric utility company in California, showed that lies is not the best idea to solve the problem. Fictitious databases do not generally have areas specifically marked development, production, and enterprise. They do not generally have over 688,000 unique log record entries. This database did.

Don’t alarm your users. You should have a single key message and take a control over the situation.

Finally, as soon you know how the breach has happened, you can take measures to avoid future incidents.