This form is for public electronic communications service providers to report a breach of security or send their completed monthly breach log to the ICO.
We will use the information you provide to record the breach and, if necessary, to investigate further. We may share the information with other law enforcement or regulatory bodies where necessary.
After you submit the form, we will email you a copy of your responses, along with a reference number for future correspondence. Please retain this email for your records.
Before completing this form, you should read our guidance on security breaches.
You do not need to complete this form if by doing so you would breach an enactment, court order or certificate signed by a Minister of the Crown that allows you to withhold the information for national security purposes.
If you are subject to PECR and you experience a personal data breach, you should continue to report under PECR. There is no need to report under the DPA 2018 (UK GDPR), too.