We've experienced a potential data breach involving [DESCRIBE WHAT WAS ACCESSED/EXPOSED]. Help me create an immediate response plan: 1) First 24 hours: steps to contain the breach, 2) Legal notification obligations (GDPR, CCPA, state breach laws — we operate in [STATES]), 3) Timeline for required notifications to regulators and affected individuals, 4) What to say (and not say) in notifications, 5) Documentation to preserve for legal defense, 6) Regulatory penalties we might face. Time-sensitive — prioritize immediate actions.