Affinion Security Center Publishes Data Breach Response Guide

Guide provides best practices, case studies, and guidance for preparing written plans to address the threat of identity theft and data breaches

May 1, 2009

4 Min Read


NORWALK, Conn., April 22 /PRNewswire/ -- As incidents of corporate data breaches continue to rise, the rules and regulations requiring compliance for breach notification and response from financial institutions, creditors and many other businesses have strengthened. On May 1, 2009 companies that extend lines of credit to consumers will need to comply with another regulation, the Federal Trade Commission's Red Flags Rules, which calls for institutions to develop and implement written plans that document how each would prevent, detect and respond to the threat of identity theft.

To help companies adhere with the new law and mitigate the financial and reputational damage from any possible data breach, Affinion Security Center, a leading provider of identity theft protection and breach resolution services, today published the Data Breach Response Guide. The Data Breach Response Guide provides companies with best practices, case studies and guidance for preparing written plans to address the threat of identity theft and data breaches, thereby addressing part of the requirements under the Red Flags Rules. The guide is available for download at

The Affinion Security Center developed the guide based on the company's extensive experience providing data breach response programs through its BreachShield solution. BreachShield is a comprehensive data breach response and delivery program capable of providing end to end support services, including list management, drafting of notification letters, printing and mailing -- all backed by industry-leading customer service support and multi-channel enrollment options. BreachShield has recently strengthened its offerings by adding CardCops(SM) web monitoring, a leading service that monitors underground online chat rooms for stolen data, as well as Automated Fraud Alerts to its existing credit monitoring configurations. Since 2007, BreachShield's rapid response solutions have been offered to more than five million consumers by companies that have suffered a breach.

"The Data Breach Response Guide contains valuable information on how to respond to a breach, alert customers, choose resolution services and defend a company financially and from reputational damage due to the devastating effects of data loss," said Tim Lukens, Senior Vice President of Corporate Solutions at Affinion Security Center. "The guide comes to market at a critical time, as law enforcement develops stricter laws for companies that handle consumer data and harsher penalties for corporations that mismanage data breaches."

Although data breaches are increasingly common, many companies fail to prepare for an incident and as a result often do not meet consumers' needs following a data breach. In 2008, the number of breaches reported grew 47% over 2007, according to the Identity Theft Resource Center, and is expected to grow in 2009 absent an increasing focus by companies on data protection. Consumers are likely to sever relationships with banks, healthcare companies and large retailers that they regularly do business with because of a data breach, according to a study by the Ponemon Institute conducted in February 2009. The study found that more than 68 percent of the $6.65 million average cost of a data breach, results from lost business, including customer termination.

The Data Breach Response Guide aims to help companies create an Incident Response Plan before the occurrence of a breach, so that companies can take action more quickly and protect its business relationships after an incident. Rapid response remains one of the most crucial factors to controlling the financial repercussions of a data breach and influencing customer perceptions of how safely a company is handling their financial data.

About BreachShield

In 2007, Affinion Security Center launched BreachShield, a full service, rapid response data security breach response and delivery program. National and multi-national enterprises, including those in the financial, retail and travel industries, partnered with BreachShield data breach solutions. Since 2007, BreachShield services have been offered to over five million individuals whose identities have been compromised by a data breach. For more information, please visit For help responding to an incident, please call our 24/7 Hotline at 1-800-350-7209.


Affinion Security Center, a division of Norwalk, Connecticut-based Affinion Group, is a global leader in providing identity protection and data security solutions to corporations and individuals. For over 35 years Affinion Security Center has been powering many of the world's leading personal data protection and breach resolution solutions offered by local, national and multi-national enterprises in the financial, retail and travel industries. The company currently protects over 7 million subscribers with services including IdentitySecure, PrivacyGuard, PC SafetyPlus and Hotline, and serves enterprise and government agencies with the data breach preparation and response tool, BreachShield. Affinion Security Center is part of the steering committee of the Identity Theft Prevention and Identity Management Standards Panel (IDSP) and is a member of the Staples Security Council.

For more information please visit

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights