...
Lockdown of service: possible downtime for the web app(s)
Assessment of how the breach happened by analysis on the servers
We will detail whether the breach happened as result of an attack, or of bugs in the code
Assessment of which private data was involved in the incident
Assessment of the remediation
Alerting of the end users, within a week, about the accidents (point 3) and remediation (point 4)
Write-up in the data breach register, alerting of the authorities
Templates for the alerting of 5. and 6. can be found on the DPC shared drive (accessible only to DPC)