Open incidents and drills in one console. Each incident carries a state machine, impact summary, scoped tenant list, and — when PII is in scope — a 72-hour Art. 33 notification clock.
Newly triaged or unresolved.
Mitigated, watch window active.
Triggers Art. 33 clock.
Verified per tenant.
Opened 23 May 2026, 17:10 by deliverability-alert
Publicis Sweden — Centenary 100
4/320 hard bounces during STD initial burst. No data exposure; isolated to invalid mailbox addresses. Suppression list updated.
23 May 2026, 17:42 · ops@kehitys.se
Suppressed 4 addresses; flagged tenant CS for follow-up.
23 May 2026, 17:14 · ops@kehitys.se
Replayed Resend webhook retries after one 5xx flake.
23 May 2026, 17:10 · deliverability-alert
Bounce rate breach threshold (>1%) for publicis sending domain.
Postmortem closure and breach-notification dispatch both route through step-up + reason.
Verified out-of-band. Re-verification is required if a tenant DPO changes; the re-verify action routes through step-up.
| Tenant | DPO | Escalation | Verified | |
|---|---|---|---|---|
Publicis Sweden — Centenary 100 | Anna Sjölund | dpo@publicis.se | +46 8 411 00 00 · GC during business hours | 19 May 2026, 16:30 |
Ericsson — 150 Years | Per Hansson | dpo@ericsson.com | +46 10 719 00 00 · global DPO desk | 12 May 2026, 13:30 |
Nordic Gala 2027 | Karin Lind | dpo@nordicgala.se | +46 8 555 12 00 · CEO out-of-hours | 20 May 2026, 11:00 |
Tabletop — leaked invite token batch / cross-tenant read.
Participants: founder@kehitys.se, ops@kehitys.se, review@kehitys.se
Identified gap: tenant DPO escalation phone was stale. Resolved within 48h.
Tabletop — Resend account compromise.
Participants: founder@kehitys.se, ops@kehitys.se
Quarter scheduling per architecture §15 (quarterly cadence).