# Incident Report ## Employee Details - Name - *Sounak Pradhan* - Department - *Information Sciences* - Phone Number - *+91-9749793805* - Email - sounak.p@t-hub.co ## Description of Event ### Date March 5, 2020 ### Location Hyderabad, Telangana ### Incident Details & Timeline - [time=Mar 4, 2020 07:08 PM] - Someone with the email id vikraman.vs@gmail.com logged into our database admin panel and deleted the entire database. - [time=Mar 5, 2020 11:17 AM] - Jayant called me and informed that the website is down. - I did the initial testing and found out that the server is not down but the wordpress database has been cleared. - [time=Mar 5, 2020 12:58 PM] - Jayant and I involved Rajesh into our conversation and asked him to restore the latest backup we had for the T-Hub website. - I changed all the credentials (ssh, wordpress) and shared it with Jayant. - [time=Mar 5, 2020 3:00 PM] - The T-Hub site was back up. - All the passwords/credentials were changed and shared only to the immediate team. ## Follow Up Recommendations - We should not share our passwords/credentials at any cost with anyone outside the team. - If anyone leaves the team we should make sure to change all password/credentials. - We should keep on creating timely backups because we could get our site back up running in such a short matter of time even after such a serious attack like this only because we had proper backups in place.