Notice of Data Breach Template

— Begin Notice Template —

What Happened?

On [DISCOVERY DATE], [ORGANIZATION NAME] discovered that [BRIEF DESCRIPTION OF THE INCIDENT, INCLUDING THE BREACH DATE OR DATE RANGE IF KNOWN]. We immediately began an investigation and engaged [FORENSIC / LEGAL / LAW-ENFORCEMENT RESOURCES ENGAGED] to determine the scope of the incident and the information potentially affected.

Law-enforcement-delay disclosure (§1798.82(d)(2)(D)) — required when this information is possible to determine at the time the notice is provided. Use exactly one of the two statements below: [OPTION A — NO DELAY: This notification was not delayed by a law enforcement investigation.] [OPTION B — DELAYED: This notification was delayed at the request of law enforcement until [DATE THE DELAY WAS LIFTED] because notification was determined to impede a criminal investigation.]

What Information Was Involved?

Based on our investigation, the personal information potentially involved included: [DATA CATEGORIES — e.g., name, mailing address, Social Security number, driver’s license number, California identification card number, financial account number, medical information, health insurance information, etc.]. The investigation has [NOT FOUND / FOUND] evidence that the information has been misused.

What We Are Doing,

In response to this incident, [ORGANIZATION NAME] has taken the following steps: [REMEDIATION STEPS — e.g., contained the incident, reset credentials, engaged a forensic firm, notified law enforcement, strengthened monitoring and access controls, etc.].

Conditional — include only if a single breach affects more than 500 California residents (§1798.82(f)) or if other regulator notifications are in fact required by counsel: We are also notifying [CALIFORNIA ATTORNEY GENERAL / OTHER REGULATORS AS DETERMINED BY COUNSEL] as required.

Conditional — include only if your organization was the source of the breach AND the breach exposed a Social Security number or a government-issued identification number (driver’s license, California ID, tax ID, passport, military ID): Because the affected information included [SSN / DRIVER’S LICENSE / CALIFORNIA ID / OTHER GOVERNMENT-ISSUED IDENTIFICATION NUMBER], we are offering you [NAME OF SERVICE] identity-theft prevention and mitigation services at no cost to you for 12 months. Enrollment instructions and your activation code are included with this letter.

What You Can Do,

We encourage you to take the following protective steps:

• Review account statements and credit-report activity for any unauthorized transactions.
• Place a fraud alert or security freeze with the three nationwide credit reporting agencies (Equifax, Experian, TransUnion).
• Request a free credit report at [CREDIT-REPORTING-AGENCY URL].
• Report any suspected identity theft to local law enforcement, the California Attorney General, and the Federal Trade Commission at [FTC IDENTITY-THEFT URL].
• [ADDITIONAL RECOMMENDED STEPS, IF ANY]

Credit-bureau contact block (§1798.82(d)(2)(F)) — required when the breach exposed a Social Security number, driver’s license number, or California identification card number. Include the toll-free telephone numbers and addresses of the major credit reporting agencies. Verify the current numbers and addresses with each agency before sending:

• Equifax — [EQUIFAX TOLL-FREE NUMBER], [EQUIFAX MAILING ADDRESS]
• Experian — [EXPERIAN TOLL-FREE NUMBER], [EXPERIAN MAILING ADDRESS]
• TransUnion — [TRANSUNION TOLL-FREE NUMBER], [TRANSUNION MAILING ADDRESS]

For More Information.

If you have questions, please contact [ORGANIZATION CONTACT NAME / TITLE] at [CONTACT PHONE], [CONTACT EMAIL], or [POSTAL ADDRESS]. A dedicated breach response line is available at [BREACH-RESPONSE HOTLINE], [HOURS OF OPERATION]. We sincerely apologize for any inconvenience or concern this incident may cause.

— End Notice Template —