In a nut shell what we did:
Evaluate all user databases and dump out of date records.
All data transfer and backups all now via sftp
Took out £1m cyber insurance with a team behind them who handle all data breach processes.
Notify all clients of database records we hold
Update privacy policy
Train staff
Put data processes in place going forward
With regards to this forum, migrate from Vbulletin software who provided no support or direction to Xenforo 2.07, dump all personal data, DOB, signatures, hobbies, interests, 3rd party contact info and force agreement to new Terms (next week)
I suppose it’s good to have a good clear out ant tidy all data.