Skip to Content

Breach response services

The BBR Services team will continue to collaborate with you throughout the investigation and response process, to provide guidance and to arrange breach investigation and response services provided by Beazley’s network of expert service providers.

Legal services

If an incident occurs that might require notification under relevant breach notice laws or regulations, specific Legal Services to assist you in investigating and responding to the incident are included.

BBR Services will arrange Legal Services for you and will connect you to these experts; please do not contact Beazley’s partnering law firms directly without the involvement of BBR Services.

Computer expert services

In the event that external forensics assistance is needed to assess the impact of a data incident on your computer system, Computer Expert Services will be provided to (1) help to determine whether, and the extent to which, notification must be provided to comply with Breach Notice Laws, and (2) if applicable, give advice and oversight in connection with the investigation conducted by a PCI Forensic Investigator.

The computer security expert that provides Computer Expert Services will require access to information, files and systems and it is important for you to comply with the expert’s requests and cooperate with the investigation. Reports or findings of the expert will be made available to you, us, the BBR Services team and any attorney that you retain to provide advice with regard to the incident.

BBR Services will arrange Computer Expert Services for you and will connect you to these experts; please do not contact Beazley’s partnering forensics firms directly without the involvement of BBR Services.

Notification and call centre services

BBR Services will assist you with the notification process, including arranging for notification and/or call centre service. BBR Services will walk you through notification details such as how to work with privacy counsel to develop notification letters and how to timely provide notification letters, relevant addresses and other required deliverables to the notification vendor.

Breach resolution and mitigation services

Beazley Breach Response includes a number of products that provide Resolution and Mitigation Services, including credit monitoring and identity monitoring solutions. All the solutions include Identity Restoration services.*

The BBR Services team has handled over ten thousand data breaches and will advise you on which products or solutions may be applicable for a particular 
breach event.

A product or solution may be offered where reasonably practicable and only to the extent available in a particular jurisdiction. Notified Individuals will have up to ninety (90) days from mailing of the notification to subscribe to an offered product or solution and they must qualify for enrollment, complete the enrollment process and agree to the applicable terms and conditions set by the provider. Enrollees of an offered product or solution will have access to the services provided under such product or solution for 12 months from the date of their enrollment.

* Subscribers will automatically receive access to Identity Restoration services from the date of the notification letter through the full duration of the product term, even if consumers don’t enroll in the product. If they do enroll in an IdentityWorks product, identity restoration is extended through the full duration of the product term as well. Product enrollments must occur prior to the Enrollment End Date indicated on the order form.

Additional information on products and offerings

Descriptions of each of the credit or identity monitoring products and solutions are provided by ConsumerInfo.com, Inc. and Equifax Canada Co. and are for informational purposes only and are not part of the Policy. The actual services available with each product or solution are governed by the terms and conditions of the applicable agreements that you must enter into prior to the product or solution being offered to Notified Individuals. Further information about the ConsumerInfo.com, Inc. and Equifax Canada products can be obtained at the telephone numbers indicated in the applicable description. You may also contact us through your insurance broker to receive additional information about the Services.

Your responsibilities

To ensure that the Services described above are provided promptly and properly, you must follow the requirements and procedures set forth in the Policy and in this Information Packet. We require your assistance and cooperation with us and with any third party vendors providing Services. Please respond to BBR Services or outside vendor requests and inquiries in a timely manner and enter into necessary contracts required by our vendors for the provision of services. You will be responsible for paying any costs resulting from your failure to timely provide responses, accurate information or approvals necessary for the provision of the Services. There is no coverage under the Policy for any of your internal salary or overhead expenses or for your assistance and cooperation in responding to a breach incident. In the event of a breach incident or suspected incident, do not contact any service providers directly. Instead, you must first provide notice to us at bbrcanada@beazley.com or at (844) 778-5950.


Due to recent high call volume owing to increased usage of toll free lines, intermittent outages are impacting toll free networks including our toll free incident reporting call line.  We strongly encourage that suspected data breaches or other data incidents be notified to Beazley by emailing bbrcanada@beazley.com. Such email notification will receive prompt attention by our BBR Services team.


Contacting any of the service providers listed in this Information Packet shall not constitute notice under the terms of the Policy.

As used in this Information Packet, the terms “we” or “us” or have the same meaning as the term “Underwriters” in the Policy and “you” has the same meaning as the “Insured Organisation” in the Policy. Capitalised terms not defined in this Information Packet have the same meaning as set forth in the Policy.