How do you let people know you were breached?

Stories of the breach of a website are lately in the vein of dog bites man — lots of them, and little noticed (unless you are the bitee).”Kickstarter data breached,” Houston Chronicle, February 17, 2014 B8

So the controls failed, and hackers got names, email addresses, phone numbers, and passwords.  But not credit cards, thankfully.

But how Kickstarter (a crowd-funding site) chose to notify people of the breach is interesting.  They posted it on their blog.  Saves doing a press release or sending notices to the people whose data was at risk.

What’s your crisis communications plan following a breach?

Leave a comment

Filed under Business Case, Communications, Controls, Governance, IT, Privacy, Risk, Security

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s