Photo by Glenn Carstens-Peters on Unsplash
Data Breach Notification
This template can be adapted for your usecase.
NOTICE OF DATA BREACH
Dear {Customer name},
We are writing to you because of an incident involving access to information associated with online purchases made on our website [www.damdam.com]. Although we are unaware of any actual misuse of your information, we are providing notice to you and other potentially affected customers about the incident, and about tools you can use to protect yourself against possible identity theft or fraud.
What Happened?
We were informed on March 3rd, 2018 that our website www.damdam.com experienced an intrusion last year. Our site is operated for us by a third-party company (name of “platform provider”), and it was the platform provider’s systems that experienced the intrusion. The intruder or intruders placed malware on the platform provider’s servers, and by doing so gained access to our customers’ payment card data. To date, the investigation indicates that the intrusion began in approximately January 2018 and ended in July 2018. The attackers gained access to customer information including payment card numbers as customer made transactions on the platform provider’s systems, and had access to historical payment card data. Because you have provided your payment card information to us in the past, we are notifying you about this data breach.
You may wonder why you are hearing about the breach now. The platform provider for www.damdam.com did not discover the breach until August. In addition, law enforcement is investigating, and asked that notification to customers be delayed to allow the investigation to move forward.
What Information Was Involved?
The information that the attacker had access to includes your first and last name, your email address, your house address, your phone number and any debit or credit card numbers with expiration dates you may have used on our website.
What Are We Doing?
Our platform provider has worked with a leading Cyber Security firm to remove the malware from its systems and is actively monitoring the platform to safeguard personal information by implementing additional security measures and patching up all vulnerabilities. Our platform provider has also contacted and offered its cooperation to federal law enforcement.
What You Can Do?
To protect yourself from the possibility of identity theft and/or fraud, we recommend you immediately contact your credit or debit card company and inform them that your card information may have been compromised, so that they can issue you a replacement card. Review your banking and card statements and report any suspicious activity to the relevant financial institutions.
For more information on identify theft and fraud, we suggest that you visit https://ndpr.nitda.gov.ng/
For More Information
If there is anything else that we can do to assist you, please call 100-200-300 on weekdays between 9am and 5pm or email us at customerservice@damdam.com