[Company Name]
[Company Address]
[City, State, ZIP]
[Phone] | [Email] | [Website]
Date: [Date]
Sent via: ☐ Mail ☐ Email ☐ Other: [Method]
Reference ID (Optional): [Incident/Case Number]
To:
[Recipient Name]
[Recipient Address]
[City, State, ZIP]
1. Notice of Data Security Incident
We are writing to inform you about a data security incident that may have involved some of your personal information. We take the privacy and security of information seriously and are providing this notice to explain what happened, what information may have been involved, and steps you can take.
2. What Happened
On or about [Discovery Date], we discovered suspicious activity involving [System/Service]. Our investigation determined that an unauthorized party [accessed/obtained/viewed] certain information during the period from [Incident Start Date] to [Incident End Date] (the “Incident”).
The information involved may have included: [List data types—name, email, phone, address, date of birth, account number, payment card, SSN, etc.].
At this time: ☐ We have no evidence of misuse ☐ We are continuing to monitor ☐ We have evidence of misuse (describe).
4. What We Are Doing
In response to the Incident, we took steps to secure our systems and reduce the risk of this happening again, including:
-
[Action taken, e.g., resetting passwords, disabling access, enhancing monitoring]
-
[Action taken]
-
[Action taken]
We also engaged: ☐ Internal security team ☐ External cybersecurity experts ☐ Law enforcement (if applicable).
[Action taken, e.g., resetting passwords, disabling access, enhancing monitoring]
[Action taken]
[Action taken]
We also engaged: ☐ Internal security team ☐ External cybersecurity experts ☐ Law enforcement (if applicable).
5. What You Can Do
We recommend you take the following steps to help protect yourself:
-
Change your passwords and enable multi-factor authentication where available
-
Review your account statements and monitor for suspicious activity
-
Be cautious of phishing emails or calls asking for personal information
-
Consider placing a fraud alert or security freeze on your credit file (if applicable)
Change your passwords and enable multi-factor authentication where available
Review your account statements and monitor for suspicious activity
Be cautious of phishing emails or calls asking for personal information
Consider placing a fraud alert or security freeze on your credit file (if applicable)
6. Credit Monitoring (Optional)
☐ We are offering complimentary credit monitoring and identity protection services for [__] months.
To enroll, visit: [Enrollment URL] and use code: [Code] by [Deadline Date].
If you have questions about enrollment, contact: [Support Phone/Email].
If you have questions, please contact us at [Support Phone] or [Support Email]. When contacting us, please reference [Reference ID].
8. Closing
We regret any inconvenience this may cause and appreciate your understanding. We remain committed to protecting your information.
Sincerely,
[Authorized Name]
[Title]
[Company Name]
Signatures
[Authorized Name]
Title: [Title]
Date: [Date]
Signature: ___________________________