Tag

Data Breach Response Plan

Detailed guidance on creating a comprehensive data breach response plan tailored to your organization. Articles address risk assessment, stakeholder coordination, forensic investigation steps, and recovery procedures to restore operations quickly.

posts

Data Breach Response Plan

Data Breach Response Plan: Build One Before You Need It

The Breach That Exposed 147 Million People — And a Broken Response When Equifax disclosed its 2017 breach, the technical failure got the headlines. But the real catastrophe was the response. Weeks of delay, a phishing-prone notification website, and executives who dumped stock before the public announcement. The company eventually paid

Carl B. Johnson Jul 09, 2026 5 min read
Data Breach Response Plan

Data Breach Response Plan: What Actually Works in 2026

The Breach That Didn't Have to Cost $350 Million When Equifax disclosed its 2017 breach affecting 147 million people, the eventual settlement topped $700 million. But here's what most people forget: the vulnerability that attackers exploited had a patch available months before the breach. Equifax didn&

Carl B. Johnson Jun 22, 2026 5 min read
Data Breach Response Plan

Data Breach Response Plan: Build One Before You Need It

The Breach That Exposed 147 Million People — and a Broken Plan When Equifax disclosed its 2017 breach, the company technically had a data breach response plan. They had security teams, legal counsel, and a PR department. What they didn't have was a plan that actually worked under pressure.

Carl B. Johnson Jun 10, 2026 6 min read
Data Breach Response Plan

Data Breach Response Plan: What Actually Works in 2025

In May 2023, MOVEit Transfer suffered a mass exploitation that ultimately affected over 2,700 organizations and exposed data on roughly 95 million individuals. Some of those organizations had a tested data breach response plan ready to execute. Most didn't. The difference between the two groups wasn'

Carl B. Johnson Jul 15, 2025 7 min read
Data Breach Response Plan

Data Breach Response Plan: What Actually Works in 2024

When MGM Resorts got hit in September 2023, the chaos lasted ten days. Hotel room keys stopped working. Slot machines went dark. Reservation systems crashed. The estimated cost topped $100 million. And here's the part that stings — the initial compromise reportedly started with a social engineering call to

Carl B. Johnson Jan 22, 2024 8 min read
Data Breach Response Plan

Data Breach Response Plan: Build One Before You Need It

Marriott Had 383 Million Records Exposed — And No Clear Playbook When Marriott disclosed its massive breach in 2018, the company revealed that attackers had been inside Starwood's reservation system since 2014 — four years of undetected access to 383 million guest records. The breach cost Marriott over $28 million

Carl B. Johnson Mar 18, 2022 7 min read
Data Breach Response Plan

Data Breach Response Plan: What Actually Works

When SolarWinds disclosed in December 2020 that threat actors had compromised their Orion software update mechanism — infiltrating roughly 18,000 customer networks including multiple U.S. government agencies — the breach didn't just expose data. It exposed how many organizations had no real data breach response plan in place.

Carl B. Johnson Jan 14, 2021 8 min read
Data Breach Response Plan

Data Breach Response Plan: Build One Before You Need It

The Breach Already Happened — Now What? In March 2023, Latitude Financial discovered a threat actor had accessed 14 million customer records — driver's license numbers, passport copies, financial statements. Their initial disclosure said 328,000 records. Within weeks, that number ballooned to 14 million. The company didn't

Carl B. Johnson Nov 26, 2019 7 min read