Customer Security Explanation (Capital One 2019)¶
Use this to explain a security topic or incident to customers in clear, non-technical language; supports notification obligations and trust.
Purpose¶
This explanation translates technical and legal context from Capital One 2019 into clear customer-facing language, focusing on what happened, what protections are in place, and what customers should do. It supports transparent communication while remaining aligned with counsel-reviewed facts.
Hallucinated writing examples¶
Scenario: In an illustrative period following the 2019 Capital One cloud breach and related enforcement and litigation tracks (time), the Security Director (role) prepares a customer security explanation (type) for leadership stakeholders (audience).
CUSTOMER NOTICE — DATA SECURITY INCIDENT
What Happened: On July 19, 2019, we learned that an unauthorized individual had obtained access to certain customer data stored in our cloud environment. We fixed the vulnerability promptly, preserved evidence, and reported the matter to federal law enforcement. On July 29, 2019, an individual was arrested in connection with this incident. We are cooperating fully with the investigation. We are notifying affected individuals and providing this information so you can take steps to protect yourself.
What Information Was Involved: The information accessed included data you provided when you applied for our credit card products or other consumer products, such as your name, address, date of birth, and income. For a subset of individuals, Social Security numbers or bank account numbers were also accessed. The incident did not involve your credit card account numbers or your log-in credentials. We have no evidence that the information has been used for fraud or shared publicly. The incident affects approximately 100 million individuals in the United States and approximately 6 million in Canada.
What We Are Doing: We have fixed the vulnerability, strengthened our controls, and are notifying affected individuals. We are offering free credit monitoring and identity protection services to affected customers. We have established a dedicated webpage and phone line for your questions and will continue to update our response as we learn more. We take our responsibility to protect your information seriously and apologize for any concern this may cause.
What You Can Do: We encourage you to enroll in the free credit monitoring we are offering. Monitor your account statements and credit reports for any unauthorized activity. Be cautious of phishing attempts; we will not ask you for your full Social Security number or your account password by email or phone. For more information and to enroll in credit monitoring, visit [URL] or call [toll-free number]. Our FAQ is available at [URL]. Additional resources: [Link to FTC identity theft resources.] [Contact for questions.]
Document-type guide: Customer Security Explanation
Writing tips: Writing best practices — Customer Security Explanation