Moving forward after going public with a data breach: Managing ongoing messaging

Continue to stay on message and maintain the focus on your customers and the facts that will help them

The time period between the discovery of a data breach and a company’s public announcement is never stress-free, even if you have managed the responses to other data breaches and your company has a preplanned response strategy in place. The work does not end though once all the moving parts come together and your company announces to the public that it has experienced a data breach.

You may have carefully drafted a letter regarding the breach to be sent to your customers, prepared detailed scripts for your call center to follow when customers call in for information about the breach, designed data breach information pages that will go live on your company’s website, trained your frontline employees on how to respond to questions from customers, and hired a public relations firm to respond to media inquiries — but you may still have more messaging issues to manage. The examples below are adapted from actual incidents to illustrate how companies can drop the ball on their post-breach announcement communications to their customers, shareholders and the public.

Contributing Author

author image

Elena A. Lovoy

Elena A. Lovoy is a member of the Banking and Financial Services practice group and Privacy and Information Security team at Bradley Arant Boult...

Bio and more articles

Join the Conversation

Advertisement. Closing in 15 seconds.