Incident Response Checklist:

• Handling of suspected devices: Avoid shutting down suspicious computers, as this may hinder forensic analysis. Instead, try to isolate them from the network, either by using firewalls or by physically disconnecting them.
• Event documentation: Carefully document everything that has occurred, including actions taken and your observations. This information is invaluable to our specialists.
• Identification of sensitive data: Assess what type of information is stored on the affected systems and evaluate its importance to your business operations.
• Risk assessment for personal data: Determine whether the affected devices contain personal data and estimate the risk to individuals if this data has been compromised.
• Review of accounts and passwords: Check whether any user accounts or passwords in the system could be reused elsewhere.
• Internal communication: Discuss the situation with your organization’s data protection officer or management.
• Consider reporting to authorities: Evaluate whether the incident should be reported to data protection authorities or other relevant government bodies.