Cyber Incident breach communication templates

When a security incident is known to the public, it’s important to acknowledge it early, even if you can only state you are investigating. This helps ensure that affected parties understand you are aware and working on it and will be a source of information in the future. Providing regular updates helps ensure a cadence, so they will come back at regular intervals and will feel less inclined to go look for information from other sources, which may be inaccurate.

2020 – 118118Money

2019 – December – Travelex

http://web.archive.org/web/20200120141014/https://www.travelex.co.uk/

2019 – Norsk Hydro

• Observe public messages on Facebook and Twitter starting around 2PM, 19th March 2019
  • https://twitter.com/NorskHydroASA/status/1107925735048646656
  • https://www.facebook.com/page/106673529354993/search/?q=cyber

2019 – July 19 – Capital One

• http://web.archive.org/web/20190901035212/https://www.capitalone.com/web/20190901035212mp_/https://www.capitalone.com/facts2019/

2017 – June 27 – Maersk

• https://investor.maersk.com/node/19831/pdf

References

More template collections at – https://github.com/WillOram/cyber-incidents

More examples below

• https://www.prnewswire.com/news-releases/the-reserve-trust-company—notice-of-data-breach-301086416.html