{"id":89546,"date":"2019-06-17T09:00:39","date_gmt":"2019-06-17T16:00:39","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\/?p=89546"},"modified":"2025-06-30T03:38:47","modified_gmt":"2025-06-30T10:38:47","slug":"how-to-recover-from-a-security-breach","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/","title":{"rendered":"How to recover from a security breach"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">Experts estimate that ransomware attacks are up over 600 percent. For most companies, the issue isn\u2019t if a cyberattack is going to happen, but when. Some security experts advise that the best way to recover from a security breach is to plan for it before it happens.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Today we take you through:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\">Strategies for building a plan for a cybersecurity attack.<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Four tips for sharing information with your customers.<\/li>\n\n\n\n<li class=\"wp-block-list-item\">How to mitigate or prevent cyber incidents.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"strategies-for-building-a-plan-for-a-cybersecurity-attack\">Strategies for building a plan for a cybersecurity attack<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">It\u2019s natural to focus on technology and systems during a cyberattack, but it\u2019s just as important to understand how your business is going to respond to the event\u2014internally, to your customers, and to the general public. How do you escalate information and to whom? You often need to integrate input from communications, operations, IT, finance, and other departments. That\u2019s why creating a plan is so important. You want to make sure you can respond quickly and have the right outcomes for your business priorities.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">You also need to identify the impact on your systems. Understanding the technology impact during a breach often involves coming up with an internal security operations center (SOC) process flow, decision trees, and a communications escalation process that identifies when you get information, who is told about it, when are they told, and what they need do about it. We often place information into different categories to give us the opportunity to identify information and the business the chance to think things through and build the plan before there\u2019s an actual incident.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"four-tips-for-sharing-information-with-your-customers\">Four tips for sharing information with your customers<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Companies that contain a security breach in less than 30 days can save millions of dollars. That\u2019s an incentive. But the impact of a breach is more than just financial\u2014it impacts your reputation.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Here are four tips for responding to customers in an efficient, thoughtful way that can mitigate the damage of the attack:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li class=\"wp-block-list-item\"><strong>Deliver the right message to your customers after a breach\u2014quickly.<\/strong> Companies used to have the luxury to wait and let the investigation play out before updating the public. Now there is the expectation that if a company has information, it\u2019s doing a disservice to its customers by withholding it.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Be simple and clear. <\/strong>This is where working with your communications team is essential. Practice your communications and response plan before it happens to learn how to improve.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Be cautious.<\/strong> Being transparent and clear doesn\u2019t mean that you have to say absolutely everything about the investigation. In technology, investigations can lead to additional discoveries. Make it clear that the investigation is ongoing and provide updates as the story unfolds. Don\u2019t say anything that you wouldn\u2019t stake your job on, because you might have to.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Divulge any information that could benefit customers who have been affected by the breach and think beyond your business.<\/strong> In 2018, Under Armour reported that their fitness and nutrition app, MyFitnessPal, was hacked. Email and hashed passwords were stolen\u2014affecting 150 million users. Under Armour advised customers to change the password for their app and anywhere it was used. That action demonstrated to customers that the company thought about the impact of the breach beyond their product.<\/li>\n<\/ol>\n\n\n\n<p class=\"wp-block-paragraph\">Increasingly companies are expected to think about their customers beyond their specific relationship and consider how a data compromise impacts a customer\u2019s relationship with other companies and accounts.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"how-to-mitigate-or-prevent-cyber-incidents\">How to mitigate or prevent cyber incidents<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">The modern threat landscape is growing in sophistication and volume. As everything is becoming more digitized, there are more ways for bad actors to harm your company.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Here are some best practices that you can use to monitor your environment and combat threats:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Visibility is a key component to effective cybersecurity and monitoring.<\/strong> This includes having a good SOC and visibility into mobile users, remote workers, and business partners. The more you know about what\u2019s happening on your network, including the cloud, the more effectively you can safeguard your environment.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Cyber hygiene and up-to-date security tools are necessities for businesses of all sizes.<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\">Even if you\u2019re a small or mid-size company, you can still have good security practices. You can have controls in place, outsource to a company, or work with your provider to get insight into your network. <a href=\"https:\/\/azure.microsoft.com\/en-us\/overview\/productivity\/\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Azure<\/a> automatically gives you access to see what\u2019s happening in your part of the cloud. <a href=\"https:\/\/azure.microsoft.com\/en-us\/services\/security-center\/\" target=\"_blank\" rel=\"noopener noreferrer\">Azure Security Center<\/a> enables everybody to see what\u2019s happening in a hybrid cloud environment. You don\u2019t have to have a big cyber defense center to build good security practices.<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Security solutions, such as <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/technology\/threat-protection\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Threat Protection,<\/a> provide multiple layers of threat protection across data, applications, devices, and identities and can help protect your company from advanced cyber threats. The security services in Microsoft Threat Protection, enriched by 6.5 trillion daily signals from the <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/operations\/intelligence\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Intelligent Security Graph<\/a>, work together to mitigate today\u2019s threats.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"get-started\">Get started<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">For more detail on actionable tips from security experts on how to recover after a data breach, watch the video, <a href=\"https:\/\/info.microsoft.com\/ww-thankyou-how-to-recover-from-a-security-breach-video.html?LCID=EN-US\" target=\"_blank\" rel=\"noopener noreferrer\">How to recover from a security breach<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Actionable tips from security experts on how to prevent, mitigate, or recover from a cyberattack.<\/p>\n","protected":false},"author":96,"featured_media":89547,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"ms_queue_id":[],"ep_exclude_from_search":false,"_classifai_error":"","_classifai_text_to_speech_error":"","_alt_title":"","ms-ems-related-posts":[],"footnotes":""},"post_tag":[3742,3822,3809],"threat-intelligence":[],"content-type":[3659],"job-role":[],"product":[],"topic":[3674,3684],"coauthors":[1916],"class_list":["post-89546","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","tag-azure","tag-microsoft-security-insights","tag-security-strategies","content-type-best-practices","topic-incident-response","topic-security-operations","review-flag-5-1694638266-171","review-flag-6-1694638266-691","review-flag-anywh-1694638264-237","review-flag-integ-1694638263-281","review-flag-percent","review-flag-watch-1694638270-905"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.2 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>How to recover from a security breach<\/title>\n<meta name=\"description\" content=\"Actionable tips from security experts on how to prevent, mitigate, or recover from a cyberattack.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to recover from a security breach\" \/>\n<meta property=\"og:description\" content=\"Actionable tips from security experts on how to prevent, mitigate, or recover from a cyberattack.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/\" \/>\n<meta property=\"og:site_name\" content=\"Microsoft Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2019-06-17T16:00:39+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-06-30T10:38:47+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/06\/Recover-from-security-breach-FI.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2000\" \/>\n\t<meta property=\"og:image:height\" content=\"1200\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Microsoft Security Team\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/06\/Recover-from-security-breach-FI.jpg\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Microsoft Security Team\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/\"},\"author\":[{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/microsoft-secure-blog-staff\/\",\"@type\":\"Person\",\"@name\":\"Microsoft Security Team\"}],\"headline\":\"How to recover from a security breach\",\"datePublished\":\"2019-06-17T16:00:39+00:00\",\"dateModified\":\"2025-06-30T10:38:47+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/\"},\"wordCount\":857,\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/06\/Recover-from-security-breach-FI.jpg\",\"keywords\":[\"Azure\",\"Microsoft Security Insights\",\"Security strategies\"],\"articleSection\":[\"Azure Security\",\"Incident response\",\"Microsoft Defender for Cloud\",\"Microsoft Intelligent Security Graph\",\"Threat protection\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/\",\"name\":\"How to recover from a security breach\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/06\/Recover-from-security-breach-FI.jpg\",\"datePublished\":\"2019-06-17T16:00:39+00:00\",\"dateModified\":\"2025-06-30T10:38:47+00:00\",\"description\":\"Actionable tips from security experts on how to prevent, mitigate, or recover from a cyberattack.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/#primaryimage\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/06\/Recover-from-security-breach-FI.jpg\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/06\/Recover-from-security-breach-FI.jpg\",\"width\":2000,\"height\":1200,\"caption\":\"Photographer: David Johnson Location: Austin, TX Catapult Systems David Fuess\u2013CEO Captured: December 2016 Usage Rights: Global Perpetuity\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to recover from a security breach\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"name\":\"Microsoft Security Blog\",\"description\":\"Expert coverage of cybersecurity topics\",\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\",\"name\":\"Microsoft Security Blog\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"width\":512,\"height\":512,\"caption\":\"Microsoft Security Blog\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/person\/112e0d6f7a2c99efae36a4a1b2403c2d\",\"name\":\"Teri Seals-Dormer\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/c94dbb0d416ec556cf564fa18bc9ac227ba2ce7b653774bdcc4c631f793fd674?s=96&d=microsoft&r=g03d4afda56ae931a7066d88415e8df14\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/c94dbb0d416ec556cf564fa18bc9ac227ba2ce7b653774bdcc4c631f793fd674?s=96&d=microsoft&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/c94dbb0d416ec556cf564fa18bc9ac227ba2ce7b653774bdcc4c631f793fd674?s=96&d=microsoft&r=g\",\"caption\":\"Teri Seals-Dormer\"},\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/v-teseal\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How to recover from a security breach","description":"Actionable tips from security experts on how to prevent, mitigate, or recover from a cyberattack.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/","og_locale":"en_US","og_type":"article","og_title":"How to recover from a security breach","og_description":"Actionable tips from security experts on how to prevent, mitigate, or recover from a cyberattack.","og_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/","og_site_name":"Microsoft Security Blog","article_published_time":"2019-06-17T16:00:39+00:00","article_modified_time":"2025-06-30T10:38:47+00:00","og_image":[{"width":2000,"height":1200,"url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/06\/Recover-from-security-breach-FI.jpg","type":"image\/jpeg"}],"author":"Microsoft Security Team","twitter_card":"summary_large_image","twitter_image":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/06\/Recover-from-security-breach-FI.jpg","twitter_misc":{"Written by":"Microsoft Security Team","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/#article","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/"},"author":[{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/microsoft-secure-blog-staff\/","@type":"Person","@name":"Microsoft Security Team"}],"headline":"How to recover from a security breach","datePublished":"2019-06-17T16:00:39+00:00","dateModified":"2025-06-30T10:38:47+00:00","mainEntityOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/"},"wordCount":857,"publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/06\/Recover-from-security-breach-FI.jpg","keywords":["Azure","Microsoft Security Insights","Security strategies"],"articleSection":["Azure Security","Incident response","Microsoft Defender for Cloud","Microsoft Intelligent Security Graph","Threat protection"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/","name":"How to recover from a security breach","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/#primaryimage"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/06\/Recover-from-security-breach-FI.jpg","datePublished":"2019-06-17T16:00:39+00:00","dateModified":"2025-06-30T10:38:47+00:00","description":"Actionable tips from security experts on how to prevent, mitigate, or recover from a cyberattack.","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/#primaryimage","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/06\/Recover-from-security-breach-FI.jpg","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2019\/06\/Recover-from-security-breach-FI.jpg","width":2000,"height":1200,"caption":"Photographer: David Johnson Location: Austin, TX Catapult Systems David Fuess\u2013CEO Captured: December 2016 Usage Rights: Global Perpetuity"},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/06\/17\/how-to-recover-from-a-security-breach\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/"},{"@type":"ListItem","position":2,"name":"How to recover from a security breach"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","name":"Microsoft Security Blog","description":"Expert coverage of cybersecurity topics","publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization","name":"Microsoft Security Blog","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","width":512,"height":512,"caption":"Microsoft Security Blog"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/person\/112e0d6f7a2c99efae36a4a1b2403c2d","name":"Teri Seals-Dormer","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/c94dbb0d416ec556cf564fa18bc9ac227ba2ce7b653774bdcc4c631f793fd674?s=96&d=microsoft&r=g03d4afda56ae931a7066d88415e8df14","url":"https:\/\/secure.gravatar.com\/avatar\/c94dbb0d416ec556cf564fa18bc9ac227ba2ce7b653774bdcc4c631f793fd674?s=96&d=microsoft&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/c94dbb0d416ec556cf564fa18bc9ac227ba2ce7b653774bdcc4c631f793fd674?s=96&d=microsoft&r=g","caption":"Teri Seals-Dormer"},"url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/v-teseal\/"}]}},"bloginabox_animated_featured_image":null,"bloginabox_display_generated_audio":false,"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Microsoft Security Blog","distributor_original_site_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog","push-errors":false,"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/89546","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/users\/96"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/comments?post=89546"}],"version-history":[{"count":1,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/89546\/revisions"}],"predecessor-version":[{"id":140805,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/89546\/revisions\/140805"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media\/89547"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media?parent=89546"}],"wp:term":[{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/post_tag?post=89546"},{"taxonomy":"threat-intelligence","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/threat-intelligence?post=89546"},{"taxonomy":"content-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/content-type?post=89546"},{"taxonomy":"job-role","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/job-role?post=89546"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/product?post=89546"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/topic?post=89546"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/coauthors?post=89546"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}