What Qualifies as a Security Incident?

Security incidents include unauthorized access to customer data, system compromise, account takeover, DDoS attacks, malware detection, or insider threats. Normal operational issues are tracked on our status page but don’t trigger the full incident response process.

Data Breach Notification

A data breach occurs when there is unauthorized access, disclosure, acquisition, or loss of customer data.

Notification Timelines

Customer Notification: We notify affected customers within 24-48 hours of confirming critical incidents
Regulatory Compliance: We meet all applicable regulatory notification requirements (GDPR, HIPAA, etc.)
Your Obligations: As a data controller, you determine whether to notify affected individuals

Specific notification timelines vary based on incident severity, applicable regulations, and whether you have a BAA. Contact security@abv.dev for details about notification procedures for your account.

HIPAA Customers

For customers with Business Associate Agreements (BAA), we distinguish between security incidents and breaches of unsecured PHI. We follow HIPAA-mandated notification timelines and assist with HHS reporting requirements.

Status Page and Transparency

We maintain a public status page with real-time service status and incident updates. During active incidents, we provide updates every 30 minutes (critical), 1-2 hours (high), or 4 hours (medium). Significant incidents result in public post-mortems.

Vulnerability Management

Learn about our proactive security testing

Responsible Disclosure

Report security vulnerabilities to our team

Status Page

Monitor real-time service status

Security Overview

Return to the security overview

Vulnerability Management

Responsible Disclosure

Overview

Security

Compliance

Privacy

Incident & Breach Response

What Qualifies as a Security Incident?

Data Breach Notification

Notification Timelines

HIPAA Customers

Status Page and Transparency

Vulnerability Management

Responsible Disclosure

Status Page

Security Overview

Overview

Security

Compliance

Privacy

​What Qualifies as a Security Incident?

​Data Breach Notification

​Notification Timelines

​HIPAA Customers

​Status Page and Transparency

​Related Topics

Vulnerability Management

Responsible Disclosure

Status Page

Security Overview

What Qualifies as a Security Incident?

Data Breach Notification

Notification Timelines

HIPAA Customers

Status Page and Transparency

Related Topics