Dear Collective2 User:
We recently became aware that our computer database was breached by a hacker and that the personal information of our customers was accessed. The information accessed includes names, email addresses, passwords, and credit card information. Thus, anything you typed into Collective2 before today may be potentially compromised.
We have contacted federal and state law enforcement authorities, who we hope will track down and prosecute the person responsible. More important: we have changed our database security, locked down our servers, and altered our Web site in order to prevent similar attacks. We are also notifying the three credit bureaus - Equifax, Experian and TransUnion - of the breach.
While we have no evidence that the hacker intended to use or has used the accessed information, it would be prudent for you to take the following steps.
Please immediately log in to Collective2 and change your password. You can do so through the following link:
This link will also allow you to see other information which we have stored in our database and which therefore is possibly compromised. If you typed a credit card number into our site, we encourage you to contact your bank and ask them to change your credit card number. Again, we have no evidence that the criminal has made any illegal transactions. However, to be cautious, we suggest you monitor your credit reports to detect any unauthorized activity.
WHAT HAPPENS NEXT
Obviously our company depends on your trust. This has been a hard blow to the small team here at C2. It's devastating to learn that much of the good will and trust that we've built over the last eight years can be harmed in a day.
You have my promise: we will do whatever it takes to protect your security. We have already made the changes necessary to prevent further access to your personal information by the hacker, or by others.
In addition, we have hired an outside security firm to help us. The firm has been engaged to conduct a full review of our servers, software, and architecture, to insure that information is secure.
STEPS WE ARE TAKING
We need to work hard to rebuild the credibility we lost. The first step, before anything else, is that we must be honest with our customers and make sure that they are safe. For this reason, I encourage you to go to the link above, and to change your Collective2 password as soon as possible.
HOW TO CONTACT US
If you have questions about this email, please contact me at email@example.com
I am sorry for the inconvenience and uncertainty this will surely cause you. I wish I were able to write you a different kind of letter as we enter the new year. I hope that you will stay with us in 2010, and that, by this time next year, we will have regained your trust and confidence.