Data Breach Response

Data Breach Notification

Kroll will work with your team to implement a personalized, plain-language notification letter that provides pertinent information and maintains message control.

Contact us

Explore Cyber Risk

/en-ca/services/cyber-risk/notification-monitoring/identity-theft-and-breach-notification/data-breach-notification-letters service

Data breach notification can present various layers of complexity for your organization. Not only do you have to ensure impacted individuals receive critical information about your data breach event, you should also consider ways to protect your brand and reputation by providing an appropriate level of assistance to those affected.

The art of crafting a notification letter is one that can sometimes be taken for granted. Yet, a notification letter is your primary communication with stakeholders regarding your data security incident, making it significant factor in controlling your message and quelling breach population fears. There are many nuances, but any good letter will include some basic information:

  • All notification letters, within the confines of what’s allowed by local law, contain some explanation of the event. Of course, what happened may not be uniform across an entire population–a breach may have distinct recipient populations requiring different letters. This could be based not only upon what was lost or exposed for each group, but also demographic makeup or regulatory requirements.
  • Contact information will direct individuals to Kroll's call center or another designated source for further information about the breach or identity theft threat that may be present.
  • An organization may choose to include information on what steps are being taken to protect stakeholders’ sensitive information. This may also include information on identity monitoring services that are being provided to the impacted population.

Once the letter is drafted, Kroll will assist with the logistics of mailing and preparing for responses from your impacted population. We will work closely with your team to optimize speed and deliverability, while also reducing unnecessary notification costs. Kroll’s team can work with you to:

  • Standardize and scrub your mailing list for optimal delivery
  • Eliminate duplicate entries
  • Provide comprehensive reports that demonstrate and document your best effort to notify and serve those affected by your event
  • Manage returned mail

Once this is completed, we can review your mailing list and separate the groups that require special handling, such as: children, adults, expatriates or deceased. We can separate these categories, identifying which individuals might have special considerations for consumer services, or groups that are at a higher risk based on information lost.

People

Jason N Smolanoff
Jason N. Smolanoff
President, Cyber Risk
Cyber Risk
Los Angeles
Phone

How we can help

Cyber Risk

Incident response, digital forensics, breach notification, managed detection services, penetration testing, cyber assessments and advisory.

Data Breach Call Center Services

A notification event can generate a lot of questions from those affected by a data breach. Kroll’s call center services are provided by skilled representatives who know how to handle difficult questions and stand at the ready to serve your breached population.

Identity Theft Restoration

Kroll provides your breach population with direct access to investigative experts for live support and best practice advice, as well as identity restoration should they become victims of identity theft.