How To Communicate A Data Breach With Customers

The most common type of data breach, which accounts for 44% of cyber attacks, is the theft of customer data, such as credit card information, emails, and passwords. When data is stolen, businesses are required by law to notify the impacted individuals quickly in order to help prevent further damage. 

Whether hackers took personal information from a corporate server, an insider stole customer information, or information was inadvertently exposed on the company’s website, it’s critical to have a plan that outlines what to do next.

What steps should be taken and who should be contacted if personal information may have been exposed? Although the answers vary from case to case, the following guidance from the Federal Trade Commission (FTC) can help businesses make smart, sound decisions.

 

Secure Operations First

Before reaching out to customers, take steps to remediate the attack because “the only thing that’s worse than a data breach is multiple data breaches,” according to the FTC. Take these immediate steps so it doesn’t happen again:

  1. Secure systems by changing passwords, limiting user access, contacting law enforcement, and bringing in experts to understand exactly where systems are vulnerable and what data has been accessed.
  2. Take the impacted devices offline immediately, but don’t turn them off until forensic experts have been consulted. If a hacker stole credentials, note that the system will remain vulnerable until those credentials are changed. If information was improperly posted on the company’s website or social media channels, remove it as soon as possible.



Mitigate Damage and Further Risks

Identifying the type of threat that caused the security breach will give insight into what must be communicated to various chains of command. Then notify the IT department and/or cybersecurity provider, who will execute security measures to prevent further risk and damage.

An automated security solution should be used to scan files and review firewall logs and other reports to fully quarantine malware. Any malware found should be cleaned as quickly as possible to reduce further damage to infrastructure, including files and databases, and security patches should be deployed for any outdated software.

 

Implement the Customer Communications Plan

In terms of how information is communicated, businesses must give affected customers a clear understanding of which data was lost and how this impacts their lives and businesses. Following a data breach incident, the customer wants to know the answer to these questions:

  1. What data was stolen?
  2. How did the breach happen and what caused it?
  3. What are the remediations being taken by the company? By law enforcement? 
  4. What recovery measures could they expect from the company in the coming days?

 

Refer to the FTC guide for the complete list of information that companies are legally required to provide customers. It’s critical that customers are notified as quickly as possible. The faster the issue is communicated, the faster the clients can act to control the damage on their end by changing passwords and updating their own security systems to prevent more cyberattacks.

There’s simply no time to waste in the event of a data breach. That’s why many corporations have automated responses developed along the lines of “We identified a breach of our systems, and you have been identified as being impacted. Your security is of the utmost importance to us, so we’re providing you with free monitoring.” Work with the security team and perhaps legal counsel to draft an accurate, factual message.

 

Communicate Openly And With Care

It takes 212 days, on average, for companies to identify a breach and 75 days to contain it, according to the 2021 data breach report from IBM and the Ponemon Institute. The shocking delay in sending out communications unfortunately left customers vulnerable for an extensive period of time.

It is the responsibility of the breached organization to provide accurate and timely information that accounts for customer questions and looks after their best interests while carefully considering the internal and external legal actions to take to minimize liability. Some of the top questions to ask the team when communicating a data breach include: what happened and what do we know, what is the impact of the incident, and how exactly can we help the customer?

In asking these questions, an organization can ensure it is fully prepared to support the customer through this crisis and openly address their concerns in a consistent manner. Setting up a web page that provides incident updates in real time is a convenient way of keeping customers in the loop with all the relevant information following a breach.

 

Take Steps To Renew Trust

Another challenge that an organization faces when communicating a breach is the lack of consistency in responding to customers’ concerns. Failure to gather the right information or assess the impact can change the narrative, something that should be avoided. A shift in narrative confuses customers, causing them to raise doubts and suspicions that an organization is hiding something.

Aside from delivering a consistent message, companies should set reasonable expectations when communicating with customers about a data breach. Never say that it won’t happen again – because it might. Instead, companies should assure their customers that the incident is being properly contained and managed. 

Continuously updating customers with the steps taken to improve data security will do more to rebuild trust than offering vague promises. Focus communication on the actions, protocols and tools put in place to keep their information secure. Provide employees with regular security training, enforce strong password policies and multifactor authentication, and adopt other solutions to stay current with the evolving cyber threat landscape. It will take time, but being transparent and committed to cybersecurity will help regain trust.

 

Enforce Next-Level Security with UDT

To best support customers, let them know that you are prioritizing security and taking the necessary steps to mitigate future breaches as well. This can include hiring third parties to conduct penetration testing on the affected network, cloud platform, application, etc., where the breach occurred, and report those steps to the customer to prevent vulnerabilities in the future.

Our security experts will help you assess operational maturity and draw a roadmap towards your ideal security posture. By mapping out your organization’s unique vulnerabilities, we can help you establish what technology, practices, policies, and procedures need to be implemented to secure your infrastructure and applications.


Experiencing a security breach?

Get immediate assistance from our security operations center! Take the following recommended actions NOW while we get on the case:

RECOMMENDED IMMEDIATE NEXT ACTIONS

  1. Determine which systems were impacted and immediately isolate them. Take the network offline at the switch level or physically unplug the systems from the wired or wireless network.
  2. Immediately take backups offline to preserve them. Scan backups with anti-virus and malware tools to ensure they’re not infected.
  3. Initiate an immediate password reset on affected user accounts with new passwords that are no less than 14 characters in length. Do this for Senior Management accounts as well.
