What steps should you take if you suspect a data security breach while handling an inquiry?

• A. Notify the security team and wait for guidance.
• B. Document yesterday's activities and continue processing inquiries.
• C. Immediately escalate to the supervisor, document events, preserve evidence, and follow the incident response plan.
• D. Ignore the issue unless there is a formal complaint.

Answer: (C)

When you suspect a data security breach, you should act through a formal incident response process: escalate immediately to the supervisor, document what happened and preserve evidence, and follow the incident response plan. This approach ensures a rapid, coordinated response that contains the breach, preserves a reliable trail for investigation, and aligns with policy and legal requirements. Escalating right away brings in the people who have authority and resources to contain the incident and notify stakeholders. Thoroughly documenting events and preserving evidence creates an auditable record and maintains the integrity of any forensic analysis, which is crucial for understanding the breach and preventing recurrence. Following the incident response plan provides the structured steps for containment, eradication, recovery, communication, and post-incident review, so actions are consistent and compliant rather than ad hoc.

Other options fall short because delaying action or trying to handle it informally can let the breach spread and compromise more data, or they ignore the issue entirely. Simply notifying and waiting for guidance may slow the response; documenting only past activity without triggering containment misses the opportunity to stop damage in real time. Continuing to process inquiries while a breach is suspected ignores the risk, and ignoring the issue altogether is unsafe and unacceptable.