I almost (ALMOST) permanently overwrote the only config file (e.g. no backup) that contained an encryption key for user logins. This would have disabled my clients' ability to login to my site and also made it impractical (if not unethical) to hack their encrypted passwords.
In the grand scope, nobody's died here; but, as a fledgling website, any annoying thing could prevent users from coming back.
Let's say I did make the mistake that affected ALL my users.
How would I then go to them and acknowledge fault?
Is it simply a matter a of emailing something to the effect of
Dear Client, We messed up. We are sorry. Here is what you need to do to fix.
Or maybe a little bit more detail? More chagrin?
I'm guessing there's no single "right way" so a general rule of thumb would be helpful.