Below is an example email sent to customers as a result of a cyber security incident. There are a number of things that this email does well:
* Apology for the impact to the customer
* Assurance work is being done to resolve the issue
* High-level details about the incident and the impact on customers
* What is being done to protect data
* Steps being taken to resolve the issue - high level
* A place for getting more information
NB: the organisational names are fictional in the message below
------------------------------------------------------------------------------------------
You may have heard that the Greentrees Group has detected unusual activity on our IT network. I'm sorry this has occurred.
We are working around the clock to resolve this incident and will continue to provide updates as we learn more. Here's what we know.
At this stage, there is no evidence that any customer data has been accessed. We don't have all the answers yet, but our highest priority is protecting Greentrees customers and our people.
What we are doing
While we conduct our investigation, we have taken some of our customer-facing systems offline. This may have caused regrettable disruptions for some of our customers.
Currently, we have taken our billing system offline. This system was offline today and we expect will be offline tomorrow as well. Greentrees customers will still be able to contact our customer teams via phone between 9.30 am to 6 pm Monday to Friday, but while the billing system remains offline, our people will not be able to access billing information.
We've engaged external cybersecurity experts to help us with our investigation and are in contact with the relevant government agencies.
How we will communicate
We will keep you up to date as the situation evolves. As always, Greentrees will never contact you requesting your passwords or other sensitive information.
Although there is nothing that customers need to do, we have established an information page on our website where we will provide the latest updates.
Regards,
Comments
0 comments
Please sign in to leave a comment.