A reminder that if your company experiences a Ransomware incident, technically you should update your privacy policy to include whichever Ransomware group was behind it as a sub-processor