(no title)

>"Our dedication to transparency, security, and the trust you place in us remains unwavering."

You are contradicting yourself here.

>"The source of this security incident was due to an uncaught error response in one of our APIs that didn't properly format the response before sending it back to the client. The response contained our internal admin tokens, which can then be used to access internal endpoints, which unveiled sensitive user information."

Why would you leave that out? Seems like it is vital information.