Short answer : it does not matter if it is minor or major, always disclose. Why you ask ? Because the clients WILL become aware of it sooner or later. Beside the legal troubles you'll get into by attempting to conceal or obfuscate, increasing your transparency will increase the trust your client has for you in the long run, assuming the breach is plugged in a timely manner. Not disclosing the intrusion however will set a precedent that you lied to your client's face. That will never go away and taint any all relationship with them, present and future... that is, if the client is willing to continue engaging with such a supplier.

In all transparency is crucial with your clients. And as you work on disclosing this to the client, also work on getting the threat and risk mitigated. Thia fosters confidence and trust with you can your clients

Primeramente Conocer el da?o potencial que ha surgido por la violacion de datos , determinar si dicho da?o es a nivel global o parcial , en caso que se global establecer contramedidas de seguridad para evitar la proliferacion de la violacion . en caso de ser parcial aislar las zonas afectadas . posterior crear contramedidas para determinar si las infiltraciones poseen un parametro comun y asi ir resolviendo caso por caso o zona por zona.

There's no situation that should lead to withholding such information. Data breach, no matter how small should be clearly stated via written communication with affected clients. Withholding this information will almost certainly lead to a negative impact on your company's reputation and lead to loss of trust with the already established client-base.

Como prioridad es definir el impacto e identificar la falla en el sistema. Se acepta la el error y se informa complementando las medidas de seguridad que se van a optar para que no vuelva a pasar.