Hello. I’ve seen some real disparity in how companies care for customers after a data breach.

It is true that hackers will hack and no business can seal itself 100%. What an organization does after a breach depends on many factors, including the sensitivity of the data, the cost of providing credit monitoring, the risk of reputational harm, and whether a lawsuit is likely (um, yes). Throw in a patchwork of privacy regulations and there is no uniform data-breach script.

Still, I’m surprised at the varying levels of responsibility companies take.

Scroll down for a look at some recent moves from Canadian airline WestJet, Atlanta-based parking app ParkMobile and Doctors Imaging Group, a medical company in Florida that provides mammograms and other radiology services.

More news below. 

• Texas attorney general Ken Paxton opened an investigation of TP-Link Systems, a networking-gear company founded in China, for possibly providing U.S. data to the Chinese government. TP-Link, which has headquarters in Irvine, Calif., has said it has no ties to China's government. 

Radiology provider Doctors Imaging Group is notifying nearly 172,000 patients that their personal, financial and clinical information was accessed in November 2024. Patients should freeze their credit reports and watch for suspicious activity, the company said in a notice on its website. 

The WSJ Pro Cybersecurity team is Deputy Bureau Chief Kim S. Nash and reporters Angus Loten, James Rundle and Catherine Stupp. Follow us on X @WSJCyber. Reach the team by replying to any newsletter you receive or by emailing Kim at kim.nash@wsj.com.