Public statement on data breach

The following Risk & Compliance precedent provides comprehensive and up to date legal information covering:

  • Public statement on data breach

Public statement on data breach

Statement by [insert name of organisation] concerning a significant [cyber attack OR data protection breach] on [insert date].

On [date], we were made aware of an incident threatening the security of personal data for which we are responsible. [We OR [insert name of investigating party—eg the Metropolitan Police or the ICO]] have launched [a OR an] [criminal] investigation. We are working with forensic experts and other data security professionals to establish the origin, nature and scope of this incident.

We are conducting a thorough review of this incident. We are also working closely with [our insurer, the Information Commissioner’s Office, [insert name of any relevant professional regulator or trade body], major financial institutions and the police] to establish what happened, to contain the breach and recover the data. We have already implemented additional security measures to protect against further [data loss OR data corruption OR unauthorised use of data]. [We have contacted the major banks, and they will be monitoring for any suspicious activity on our [customer OR client]s’ accounts.]

Investigations are ongoing, but unfortunately it has become clear there is a chance some of the following data has been compromised: [insert types of data affected, eg names, addresses, date of birth, phone numbers, email addresses, account information, credit card details and/or bank details]. To the best of our knowledge, the [accessed OR

Popular documents