Skip to main content

Reporting data breaches to affected residents

If you know or have reason to know that your organization has experienced a data breach covered by the Breach Notification Law, you must notify all affected residents with a written Consumer Notice.

The Consumer Notice must include, but is not limited to:

  • The resident’s right to obtain a police report
  • How the resident can request a credit freeze
  • The information a resident will need to request a credit freeze
  • That there is no fee for requesting, temporarily lifting, or permanently removing a security freeze with any of the consumer reporting agencies

A sample letter containing information you must provide each affected consumer is available here

In addition, if the information involved in the incident includes social security numbers of Massachusetts residents, you must also provide each affected consumer with free credit monitoring services. Please consult the Breach Notification Law for more information about this mandate. 

 

Contact   for Reporting data breaches to affected residents

Online

Find more ways to contact the Attorney General's Office 

Phone

Call Contact the Attorney General's Office at (617) 727-2200
Mass relay users dial 7-1-1 and connect via our main number. Call Contact the Attorney General's Office, Mass relay users dial 7-1-1 and connect via our main number. at 7-1-1

Related

Help Us Improve Mass.gov  with your feedback

Please do not include personal or contact information.
Feedback