I’m not giving them a break on this. They sent me the same email. I’m having the same experience.
I actually do have a support case history with them, and I’d like to review what data has been lost. I’ve been a customer for over a decade. I have no clue what was in that history because I’ve filed numerous tickets over the years. They have made that impossible without paying them, even if you’ve paid them in the past.
They clearly failed to test their process on each account type.
I guess we could send individual data subject requests to their DPO, but that is probably more costly for them.
Consider if your support cases were instead with Zendesk and not with Salesforce. This could explain why they did not contact you.
They did indeed contact me by email to let me know my data was in scope of the breach.