From data-breach-response-skills
Coordinates post-breach credit monitoring and identity protection: vendor selection (Experian, TransUnion), enrollment logistics, 12-24 month coverage, insurance options, communications, and enrollment tracking.
npx claudepluginhub mukul975/privacy-data-protection-skills --plugin data-breach-response-skills
This skill uses the workspace's default tool permissions.
Offering credit monitoring and identity protection services to affected individuals is a standard post-breach measure that mitigates harm, demonstrates organizational responsibility, and may reduce regulatory and litigation exposure. While not explicitly required by the GDPR, it is considered a best practice under Art. 34 and is frequently required under US state breach notification laws for breaches involving SSN or financial data. This skill covers the end-to-end process of vendor selection, enrollment logistics, coverage management, and communication.

| Provider | Product | Coverage | Identity Theft Insurance | Dark Web Monitoring | Geographic Coverage |
|---|---|---|---|---|---|
| Experian | IdentityWorks | Credit monitoring (1 bureau or 3 bureau), SSN tracking, address change alerts | Up to $1M / EUR 25,000 | Yes | US, UK, EU (select markets) |
| TransUnion | TrueIdentity | Credit monitoring, credit lock, credit score tracker | Up to $1M | Yes | US, Canada |
| Equifax | ID Patrol | Credit monitoring, SSN monitoring, lost wallet protection | Up to $1M | Yes | US, UK, Canada |
| Kroll | Identity Monitoring | Credit monitoring, cyber monitoring, identity restoration | Up to $1M | Yes | US, EU, APAC |
| AllClear ID | Identity Repair | Credit monitoring, identity repair, fraud investigation | Up to $1M | Yes | US |

| Criterion | Weight | Description |
|---|---|---|
| Geographic coverage | 25% | Must cover all jurisdictions where affected data subjects reside |
| Enrollment capacity | 20% | Must handle peak enrollment volume (target: 50% of affected in first 7 days) |
| Speed of activation | 15% | Time from contract signing to enrollment portal availability |
| Language support | 15% | Portal and communications must be available in languages of affected population |
| Identity theft insurance | 10% | Coverage amount, deductible, claim process simplicity |
| Dark web monitoring | 10% | Real-time scanning of dark web forums and marketplaces for compromised data |
| Cost per individual | 5% | Price point per monitored individual per month |

Primary vendor: Experian IdentityWorks — selected for EU + US coverage, multilingual portal (German, English, French, Dutch, Spanish), enrollment capacity for 50,000+ individuals, and established enterprise breach response program.
Contract terms negotiated under retainer SPG-EXP-2025-003:

| Breach Type | Recommended Duration | Rationale |
|---|---|---|
| Financial data (card numbers, bank accounts) | 12 months | Financial fraud typically occurs within 6-9 months of breach |
| Government identifiers (SSN, national ID, tax ID) | 24 months | Identity theft using government IDs can surface 12-18 months post-breach |
| Credential compromise (username + password) | 12 months | Credential stuffing attacks typically peak within 3-6 months |
| Health data (medical records, insurance) | 24 months | Medical identity theft is harder to detect and may take longer to surface |
| Combined (financial + government ID + health) | 24 months | Maximum exposure requires maximum monitoring duration |

| Phase | Timeline | Target |
|---|---|---|
| Portal activation | Within 48 hours of vendor contract activation | Before individual notification dispatch |
| First notification dispatch | Day 1 of individual notification | All affected individuals |
| Peak enrollment | Days 1-14 after notification | 40% enrollment rate |
| Follow-up reminder | 30 days after notification | Target individuals who have not enrolled |
| Final enrollment deadline | 90 days after notification | Final enrollment rate target: 70%+ |

| Metric | Target | Reporting Frequency |
|---|---|---|
| Enrollment rate (cumulative) | 70% by deadline | Weekly |
| Daily enrollment volume | N/A (monitoring) | Daily |
| Support call volume | N/A (capacity planning) | Daily |
| Failed enrollment attempts | Under 5% | Weekly |
| Identity theft alerts generated | N/A (monitoring) | Monthly |
| Insurance claims filed | N/A (monitoring) | Monthly |

Include in the Art. 34 / breach notification letter:
Free Identity Protection: We are offering [12/24] months of complimentary identity protection through Experian IdentityWorks, at no cost to you. This service includes:
To enroll:
Or call our enrollment hotline: [+49 30 7742 9200 / 1-888-555-0199]
Subject: Reminder — Enroll in Free Identity Protection by [Deadline]
Dear [Name],
On [notification date], we notified you about a security incident that may have affected your personal information. We want to remind you that we are offering [12/24] months of complimentary identity protection at no cost.
If you have not yet enrolled, your activation code [CODE] is still active. Visit stellarpayments.eu/breach-support/enroll before [deadline] to activate your protection.
Total cost = (affected individuals x enrollment rate x per-individual monthly cost x coverage months) + (enrollment portal setup) + (support staffing)
Example for SPG-BREACH-2026-003:
Cyber insurance policy (Stellar Payments Group — Allianz Cyber Enterprise, policy SPG-CYB-2025-001):