Upon discovering a data breach involving unauthorized access to the customer records system, what is the PRIMARY action the security team should focus on according to standard security protocols?
Notify the company's legal team and prepare for public disclosure.
Prioritize the review of security logs to trace the origin of the attack.
Immediately isolate affected systems to stop the spread of the breach.
Start documenting the details of the breach and response actions taken.