BQE Software notifies the Core users of any data breach, except in cases where the data is confirmed to be unintelligible (for example, encrypted data where the integrity of keys is confirmed). BQE follows a standard procedure:
- Initial notification includes a description of the nature of the breach, approximate user impact and mitigation steps (if applicable).
- BQE notifies users within 72 hours from the time we declare a breach, except in the following cases where:
- BQE believes the notification increases the risk to other users
- The 72-hour timeline might leave some incident details. These details are provided to you as the investigation proceeds.