Email Template

Hi <name>,

I'm about to send you an email with a link to sign up for an account with my cybersecurity vendor, SpyCloud. This account will grant you 30 days of complimentary access to the valuable information SpyCloud has discovered regarding <partnername>'s employees in the criminal underground. This primarily includes credentials of employees, including C-level executives, that have been exposed in recent third-party data breaches.

At <company>, we take the risk of account takeover from our partners seriously, as it can extend to our shared systems. The data provided by SpyCloud is highly actionable, and I kindly request that you take steps to remediate these exposures, such as resetting potentially compromised passwords.

You have two options for remediation. Firstly, you can manually export a CSV file of your exposed records, compare them to your active user accounts, and proceed with resetting the compromised passwords. This method resolves exposures for a specific point in time and needs to be repeated as new data breaches emerge. Alternatively, if you prefer automated remediation, SpyCloud can guide you through the available options. Feel free to reach out if you have any questions regarding our experience working with them.

To help you understand account takeover and take appropriate next steps, I have included some useful resources:

- ATO 101: This plain-English whitepaper explains what account takeover is and how it happens.
- SpyCloud Portal Walkthrough: This guide will assist you in making the most of the free 30 days of SpyCloud access.
- Employee Password Remediation Tipsheet: This resource provides guidance on what to do if an employee's credentials have been compromised.

Thank you for your attention to these exposures, and please don't hesitate to reach out if you have any questions or need clarification on the data you see in SpyCloud's portal.

Best regards,

<signature>