Watch this video on YouTube
What should be the first step to preserve and protect unauthorized intrusion activities when an unauthorized user gains access to a merchant's database server and customer credit card information?