Data Breach Communication Playbook


Your customers trust that you're taking every measure possible to protect their personal and confidential information. In the U.P. we feel safe and protected living in a remote and safe part of the world. Living here makes it easy to forget how quickly and easily connected, and how vulnerable, we are to the rest of the world.

Living in the U.P. can make us feel immune to the problems plaguing global financial institutions, retailers, and social media platforms. Your customers trust that you're doing everything possible to ensure that information is kept secure. However, despite the size or location of an organization, no company can be 100% immune from a breach.

Whether it's email hacking, ransomware, account stealing or any number of other activities, businesses are under constant threat from cyber attackers. Cyberattacks are the fastest growing crime in America, and they are increasing in scale, sophistication, and cost. The question is no longer if a cyberattack will happen, but when.

Last year, more than 50% of the 28 million businesses in America reported a data breach. About half of those attacks targeted small businesses. While some companies found themselves covered by insurance or reported only minor losses, extreme situations forced over 280,000 businesses to close their doors. Poor communication cost 1.5 million organizations the trust of loyal customers, which they may never regain. This means that 3,500 U.P. businesses will be affected by a cyberattack in 2019, 35 of which will lose customer loyalty or, worse, close their doors.

Over the past year, I've had conversations about cybersecurity with more than 100 businesses across the Upper Peninsula. Of the small handful that have a plan, most admit to not having the right systems and training in place to support their organization - Yikes. Regardless of explicit awareness of the risks and skyrocketing damages to companies who have suffered a cyberattack - which are expected to reach $6 trillion by 2021 - crisis plans are still taking a back seat for many CEOs.

Recently, a new client of ours was the target of an attack that affected thousands of customers. They didn't have sufficient resources in place to quickly communicate information to their customers or keep them informed. Even if they had, the client didn't know what to say - or what not to say. Instead, their customers learned about the breach through the most reliable sources - Facebook, gossipers, and Twitter complainers (yes, sarcasm).

While we helped get them through the crisis, this became an unforgettable learning experience for the entire organization.

My goal is to provide companies with a practical and minimal playbook to increase customer loyalty and trust in the event of an attack. With a basic game-day plan in place, you will be less vulnerable to losing customers and more likely to keep their trust.

The Playbook

In the event of a hack, the most important thing is to communicate proactively and transparently.

  1. Assign a crisis communication leader.
  2. Prepare up-to-date contact lists & message distribution plan. Develop a plan that allows you to gather employee, customer and media contact information within an hour. This plan may include writing up instructions on how to export data from your CRM or point-of-sale system. The list should consist of email addresses and cell phone numbers - the quickest methods of communication. Other relevant information includes mailing addresses for a post-event letter of explanation.
    (please note: we're not suggesting that every breach requires media or public communication)
  3. Call center. Develop a plan that includes the quick set-up of a call center to address customer concerns in either inbound or outbound calls. Provide the call center team with a set of talking points (provided by the lead, public relations firm and possibly reviewed by an attorney).
  4. No matter the severity of the breach, there is a certain level of messaging you can prepare ahead of time. You'll add the specific details of the breach and recovery plan when the event strikes. A seasoned writer and communicator can help ensure holding statements and messaging meet the needs of your organization and your customers.
  5. Simulate an attack. Remember elementary school fire drills? The same goes for cyberattacks. Whether you hire a company specializing in cybersecurity or develop a simulation on your own, practicing responses to an attack is crucial to your real-life response.


  1. Assess the situation. Here are a few questions to have on hand and ready "in the moment":
    When did it happen?
    Is the crisis real or perceptual?
    What is the scale?
    Who does it impact?
    What are we doing?
    How will we keep people informed?
  2. Draft a press release and talking points. Use the prewritten talking points and the facts to draft a press release and talking points, which can be tested with people on your management team. Keep in mind that everyone's talking points are a little different:
    a. Website/social media
    b. Call center script
    c. Employees
    d. Customers
    e. Media/stakeholders
  3. Direct customer notification. Once you understand who was affected by the breach and the severity, immediately contact the impacted customers. Inform them of how they may have been affected, let them know what you're doing to rectify the situation, and tell them where to find updates. If the situation is dire, you should consult your public relations or legal teams before sending out a communication. Once you share information with customers, consider it public; the likelihood of it going to the media or going viral on social media is high.
  4. Public notification. In some unique cases when a special media announcement is necessary, you can use traditional news and social media to expand your messaging. It's critical to only use your press release as a method of communication. Remember that whatever gets published in the news and on social media leaves a digital footprint for future customers to see.
  5. Post-game results. In the days following a breach, it will be evident how the breach occurred and the impact on customers. Review what went wrong, and how you can improve your crisis communications. This reflection offers an opportunity to share the facts and story with employees, customers, and stakeholders.
