CyberArc
Currency
0

Report a breach

If you suspect a cyber incident (ransomware, data exfiltration, business email compromise, account takeover, malware, DDoS, etc.), tell us immediately. Early containment limits damage, preserves evidence, and improves recovery outcomes.

Report a breach

  • Users affected, Devices/servers affected, Tenants/domains (e.g., M365/Azure, Google, AWS)
What to do right now (while we connect)
  • Isolate, don’t power off. Disconnect affected devices from the network/Wi-Fi; avoid shutting down encrypted systems to preserve keys and memory artefacts.
  • Preserve evidence. Do not wipe disks, delete logs, or reimage. Take photos/screenshots of ransom notes, suspicious emails, file paths, and process lists.
  • Change critical passwords from a clean device. Prioritise email, identity provider, VPN, and finance apps.
  • Pause lateral movement. Remove risky admin privileges temporarily; block known malicious IPs/domains at the edge.
  • Do not engage with threat actors or pay ransoms without legal counsel and a response team on the line.
  • If fraud is in progress, alert your bank(s) and payment providers immediately and consider an SAPS case for cybercrime.
How CyberArc handles your incident

  1. Rapid triage & containment – confirm the incident, stabilise systems, and prevent spread.

  2. Forensics & root cause – collect volatile and at-rest evidence, reconstruct timelines, and identify initial access and scope.

  3. Eradication & recovery – remove persistence, restore from clean backups, and harden configurations.

  4. Notifications & compliance support – help your Information Officer assess notification duty under POPIA and, where relevant, GDPR/ICO guidelines. 

  5. Post-incident improvement – actionable recommendations across identity, email security, EDR/XDR, backup, and third-party risk.

Confidentiality & no-blame policy: We treat every report as confidential, focus on facts and recovery, and never “name and shame” your team.

Frequently Asked Questions

Do we have to report this?
If personal information was accessed or acquired by an unauthorised person, POPIA requires notification to the Information Regulator and to affected data subjects as soon as reasonably possible. We’ll help your Information Officer assess and prepare compliant notices. Empowered Compliance MonitorDLA Piper Data Protection


What if our customers are in the EU/UK?
If the incident is notifiable, the GDPR/ICO rule of 72 hours from awareness applies for authority notification. GDPRICO


Should we pay the ransom?
That’s a business/legal decision. We’ll outline risks, options, and likely outcomes, and coordinate with law enforcement where appropriate.


Can you work with our IT team and existing tools?
Yes—our responders integrate with your stack and vendors.

MAY WE HELP YOU ?

Contact Us
Company
FAQ
Privacy Policy

Global Partners

Services

Enterprise CyberDefence Audit
ProActive CyberDefence Protection

Sales

sales@cyberarc.ai
+27 86 026 4357

SIGN UP AND SAVE

Sign up to receive alerts and news about the Cyber Defense industry.

Report a breach
Request a FREE audit
Items have been added to cart.
One or more items could not be added to cart due to certain restrictions.
Quantity updated
- An error occurred. Please try again later.
Deleted from cart
- Can't delete this product from the cart at the moment. Please try again later.