Try this first
- 1Honest but no details. 'There is a possible security incident, we are investigating. I will share what we know by end of day.' That is enough.
- 2Give concrete actions: 'For now, change passwords, re-run MFA when asked. Do not click on new links until we say so.'
- 3Designate one fixed contact for questions. Stops 'I heard from a colleague' loops.
- 4Update at least once a day until resolved. Silence = people invent stories.
- 5On wrap-up: short explanation of what happened, what we did, what lesson we draw. Prevents repeats.
When to bring us in
On larger incidents with customer communication or possible notification duty: do not write the customer mail solo. We help with phrasing that is legally and empathically sound.
See also
- I think I clicked a phishing linkNo shame, happens to everyone. The next fifteen minutes matter.
- A colleague's account is acting strangelySending mail in their name, rules hiding folders, unusual sign-ins. Suspicious.
- Lost the MFA app: new phone, no backup codesClassic problem after a phone upgrade. You are not the first to be locked out.
None of the above fits?
Describe your situation below. We pass your input plus the steps you already saw to our AI and return tailored next-step advice. If it's too risky to DIY, we'll say so.
Or skip the DIY entirely
Our Managed IT clients do not look these things up. One point of contact, a fixed monthly price, resolved within working hours.