Security, Responding to compromised websites, servers, services, or assets
A website or server that I am responsible for has been compromised. What are my next steps?
When an administrator of becomes aware of a security event such as a compromised website, service, or server, and have not
received a notice or alert from Privacy and Security, they should contact firstname.lastname@example.org
to coordinate the incident response.
If an administrator receives a notice from Privacy and Security about a compromise they should respond as soon as possible and report back the steps taken to contain, fix, or otherwise mitigate any impact arising from the event. Security may filter assets from the network if warranted, or if no timely response is received regarding the compromised system.
The administrator of the system must inform Privacy and Security of mitigation steps taken, and whether or not the system stores sensitive information or has access to sensitive information.