PCI Forensic Investigator (PFI)

Connect with us

As soon as you suspect your network has been breached, you should contact a PFI. As one of only five PFIs that cover the U.S. and European regions, Coalfire is ready to help determine whether cardholder data has been compromised and when and how it may have occurred.

For US investigations, contact us at +1 (877) 909-0703. For UK investigations, contact us at (+44) 0800 260 6435.
Or email PFI@coalfire.com for immediate assistance.

Support to help you through the process so you can get back to business

You suspect the worst has happened – a criminal has assaulted your company and breached your network. It’s time to contact a PFI that you can count on to help you confidently contain the breach. Because there’s no time to waste, we use a process that includes proven methodologies and tech-enabled tools to help you rapidly remediate the issue.

  • Initial investigation report: released within five days of the initial investigation, this report details initial findings and identifies the scope of the full investigation.
  • Full investigation: our PFIs conduct a manual or technology-enabled investigation, liaise with the major credit card brands, and issue the final report that pinpoints the root cause of the breach.
  • Remediation: the major credit card brands will mandate actions be taken to remediate the issue. We have successfully helped numerous organizations meet their obligations. Our cyber engineers, cybersecurity advisors, and technical testing team are available to help. 

Communication is critical in a PFI engagement, and our rigorous communication standards that ensure all parties have the appropriate information as quickly as possible. We understand this is a difficult and stressful time; we’re not here to be confrontational, but we are here to help you effectively respond to the incident. We also maintain relationships with law enforcement to support stakeholders with any resulting criminal investigations.

PCI Forensic Investigator working on computer

Uniquely positioned to quickly and effectively investigate your incident.

Whether your system is on-premise, in the cloud, or in a hybrid environment, we are ready to investigate quickly. With an entire practice dedicated to cyber breach response and digital forensics, we have investigated and remediated cybersecurity breaches for organizations of all sizes. Our team comprises former federal law enforcement officers and government contractors specializing in cyber operations. These analysts have numerous forensic certifications and have been recognized as computer forensics experts in state and federal courts.

Our domain knowledge in cloud, embedded systems, encryption, Internet of Things (IoT), mobile, and virtualization technologies enables us to understand how they are leveraged – and potentially compromised – within a payment environment.

What to do when you have issues?

If you suspect a breach, email us. The faster you can remediate a data security breach, the faster it stops the loss of data and minimizes the impact to your reputation. We’re ready to help you jump into action.

Why choose Coalfire to be your PFI?

  • Our technology and vendor independence allows for thorough, in-depth, and unbiased recommendations to move you beyond a breach and help prevent future breaches.
  • As one of the original PCI Qualified Security Assessors (QSA), we are uniquely qualified to understand environments that may have undergone a credit card breach.
  • We work with all the major payment processors and cloud service providers.
  • We work closely with the PCI Security Standards Council and the card brands to continually support improvements in the many standards.
  • Through our incident response partner, Carbon Black, we can rapidly deploy tools to help you analyze the breach and potentially contain it more quickly.

Evaluate security incidents

If you've suffered from an external attack or had compromised sensitive information, learn more information about our digital forensics services.


Contact us to improve your cybersecurity posture