Social media and data breaches are intrinsically linked, as any significant event now will involve public participation online. When data breaches occur, organizations must communicate on social media in a timely, transparent manner to inform affected users and address questions with humility. An 11-point plan outlines best practices for multi-platform social media communication during a data breach, including driving internal notification, being transparent about impacts, coordinating protocols, engaging with online discussions, and committing to security improvements.