Cis 17 Breach Help
Cis 17 Breach Help
Cis 17 Breach Help
You get a letter from a company, a government agency, a university, a hospital or other organiza-
tion. The letter says your personal information may have been involved in a data breach. Or maybe
you learn about a breach from a news report or company web site. Either way, a breach notice
does not mean that you are a victim of identity theft or other harm, but you could be at risk.
The breach notice should tell you what specific types of personal information were involved. It may
also tell you what the organization is doing in response. There are steps you can take to protect
yourself. What to do depends on the type of personal information involved in the breach.
Note that credit monitoring, which is often offered by breached companies, alerts you after some-
one has applied for or opened new credit in your name. Credit monitoring can be helpful in the
case of a Social Security number breach. It does not alert you to fraudulent activity on your existing
credit or debit card account.
This fact sheet is for informational purposes and should not be construed as legal advice or as
policy of the State of California. If you want advice on a particular case, you should consult an
attorney or other expert. The fact sheet may be copied, if (1) the meaning of the copied text is
not changed or misrepresented, (2) credit is given to the California Department of Justice, and
(3) all copies are distributed free of charge.
NOTES
1
Truth in Lending Act, 14 U.S. Code sec. 1601 and following.
2
Electronic Funds Transfer Act, 15 U.S. Code sec. 1693 and following.