Reporting a cybersecurity issue is not only important for Brink's, but also for your personal data protection.
You should report a cybersecurity issue that involves restricted or confidential information accidentally shared, compromised, or exposed. This includes data that requires protection under the laws, regulations, and/or requires Brink's to notify external entities within 24 to 72 hours.
Why is reporting the right thing to do? If you believe an information security issue has occurred, it is important to report it as soon as possible. This allows the investigative team to act quickly to determine the severity and contain the situation. It is especially critical that cybersecurity events are investigated where we have an obligation to report to our external entities, these could include: personal data, client confidential data, financial data, etc.
What to report when an issue occurs?
1. Data: the exposure, corruption, compromise or loss of Brink's or customer or supplier data.
2. Personal Identifiable Information (PII): this includes any information relating to an identified person, i.e., non-public employee personal data such as date of birth, address, cell phone number, social security, and bank account.
3. Customer Data: any non-public information used by Brink's, its customers, suppliers, other business partners and contacts and subsidiaries in the execution of services.
4. Inability to access system or application data.
Immediately do one of the following: report the possible issue by opening a ServiceNow ticket or Call Brink's US Helpdesk at +1-877-741-5773 or Email the Global Information Security team at gis@brinksinc.com. The important thing to remember is to do one of these three immediately.