- Stay alert and monitor all systems that have cardholder data or may have connections to the cardholder data environment.
- Do not log in or change passwords on the at-risk systems. Do not log in as ROOT.
- Detach the at-risk system from the network by unplugging the cable. Do not turn it off.
- Change secure service identification on the access point and all systems using a wireless connection, except the at-risk systems.
- Save all logs and electronic evidence.
- Keep a record of all actions taken.
Overview
In the event of a data breach, respond quickly. Contact your acquiring bank immediately.
Response checklist
Follow these steps if you believe you have been compromised
-
-
- Notify your internal information security group and incident response team.
- Notify your acquirer.
-
- This should be done within 3 working days of the incident. See Appendix A of the What to Do If Compromised guidelines for the report template.
-
Deliver all potentially compromised Visa, Interlink and Plus account numbers within 10 working days. Visa will distribute the numbers to issuers and safeguard confidentiality.
Note: Visa and your acquirer will determine whether to conduct an independent forensic investigation.
Visa response team
Visa has two support groups to help you respond to a payment card breach.
Visa Fraud Investigations
- Works to obtain all potentially compromised account numbers
- Shares at risk account information with issuers
- Works with the appropriate law enforcement on your behalf
- Facilitates a timely forensic investigation
- [email protected]
Data Security Team
- Provides guidelines to assist your response to the incident
- Supports you in identifying security deficiencies
- Makes sure you take action to minimise future risk to account information
- Helps you quickly verify PCI DSS compliance
- [email protected]
More resources
Find more information on protecting your business
Minimising Payment Risks for Merchants Using Integrators/Resellers
Cybercriminals Targeting Point of Sale Integrators
Effectively Managing Data Breaches
Data Breach Communication Guidelines
Identifying and Mitigating Threats to E-Commerce Payment Processing