This notice applies to customers, partners, and suppliers who need to report or receive updates about information security incidents related to Printweb’s systems, data, or services.
Any event that may affect the confidentiality, integrity, or availability of information or ICT systems, including but not limited to: malware infection, hacking or unauthorized access, data leakage, system outages, insider mishandling, or force-majeure events (e.g., fire, earthquakes, typhoons) that impact services.
For security or privacy concerns, including potential vulnerability reports, please use our [Contact PWI] page.
We triage incidents and communicate accordingly:
Critical – Major system damage, data breach, or service outage with significant impact.
Your reporting: Report immediately (within 1 hour) upon discovery via the above channel.
Our response: We will acknowledge promptly, convene our response team, and provide rolling updates; if required by law/contract, notify affected parties and regulators without undue delay.
High – Significant security impact but not yet catastrophic (e.g., serious vulnerability observed, abnormal system behavior).
Your reporting: Within 4 hours.
Our response: Begin containment and share next steps and interim mitigations.
Moderate – Potential impact with signs that could escalate (e.g., unusual traffic/anomalies).
Your reporting: Within 8 hours.
Our response: Assess risk, propose monitoring/mitigation plan, and track status.
Low / Informational – Minor issues or routine findings (e.g., audit items).
Your reporting: Within 24 hours or in the next regular report.
Our response: Log for follow-up and continuous improvement.
Acknowledge & Triage the report, assign severity, and start containment/remediation.
Protect Evidence (logs, traces) for analysis and, where appropriate, forensics.
Communicate key updates and actions; where required by law/contract, issue formal notices to affected parties/regulators.
Restore Services safely and verify controls post-recovery.
Post-Incident Review with root-cause analysis and corrective/preventive actions.
Report promptly via the channel above and provide available indicators/logs.
Avoid using shared accounts and rotate any potentially exposed credentials.
Coordinate containment steps (e.g., temporary isolation or access freezes) when requested to limit further impact.
Keep incident information confidential; do not disclose externally without coordination, unless legally required.
We welcome responsible disclosure via [Contact PWI] page.. We will review and respond in good faith and ask reporters to avoid tests that harm availability or data integrity.
撥打電話