An ADC (Account Data Compromise) event occurs when a third-party attacker or a group of attackers gain unauthorised access to cardholder data that is held within an organisation in either electronic or physical form. Even though the number of ADC events may vary year by year, it takes only one ADC event to negatively impact an organisation.
What should an organisation do in case of an ADC event?
Not only can ADC lead to financial penalties or suspension/termination of an organisation’s merchant facility, but it can also damage the brand reputation in the long run. Here are the steps you need to follow as an organisation in case of an Account Data Compromise:
- Do not access or alter compromised systems.
- Preserve evidence: logs and keep track of all actions.
- Do not turn off compromised associated hardware machines. Instead, isolate compromised systems from the network.
- Be on high alert and monitor all systems with cardholder data and transaction information.
- Perform internal investigations, notify the incident response team and notify the merchant service provider.
- Adhere with applicable Federal, State, and Local law notification requirements.