
Data Breaches: How to Respond to a Tipoff of a Problem

Troy Hunt Says Transparent, Calm Communication Is Key
Troy Hunt, creator of Have I Been Pwned

What should an enterprise do when someone reaches out and claims to have the company's data or information about a breach?


There’s no rule book for a response, and such an encounter can often take a confrontational turn for the worse, says Troy Hunt, an Australian data breach expert and creator of the Have I Been Pwned data breach notification service.

“When an organization is standoffish, immediately each side starts putting up their defenses and is reticent to share information or is looking for assurance and guarantees and things that often hinder the process,” Hunt says.

In this video interview, Hunt discusses:

  • How to de-escalate situations where someone is threatening to release data;
  • Why inserting a page called “security.txt” into a website is the best way to send a positive signal to security researchers;
  • How the environment around reporting and responding to security vulnerabilities has somewhat improved.

Hunt created Have I Been Pwned, which notifies individuals when their email address turns up in breaches. He is a Microsoft regional director and MVP, Pluralsight author and internet security specialist. A frequent speaker at conferences around the world, he runs workshops focusing on secure authentication, best password practices and how to avoid data breaches.


About the Author

Jeremy Kirk

Executive Editor, Security and Technology, ISMG

Kirk was executive editor for security and technology for Information Security Media Group. Reporting from Sydney, Australia, he created "The Ransomware Files" podcast, which tells the harrowing stories of IT pros who have fought back against ransomware.
