Illinois Data Breach Notification Packet

Pursuant to the Illinois Personal Information Protection Act (815 Ill. Comp. Stat. 530)

[// GUIDANCE: This packet contains (i) a notice letter to the Illinois Attorney General (“AG”) and (ii) a consumer notification letter. Both templates are drafted to comply with 815 ILCS 530/10 & /25 (2024). Substitute, add, or delete language to reflect the facts of the incident and your organization’s remediation measures.]

TABLE OF CONTENTS

1. Attorney General Notice Letter .................................................. 2
2. Consumer Notification Letter .................................................... 6
3. Optional Call-Center / FAQ Script (outline) ................................... 12

1. Illinois Attorney General Notice Letter Template

[// GUIDANCE: Use this template if the breach affects “more than 500 Illinois residents” or if the AG requests notice. Send the letter “in the most expedient time possible and without unreasonable delay, but no later than 45 days after determination of the breach,” per 815 ILCS 530/25.]

[COMPANY LETTERHEAD]
[Company Legal Name]
[Street Address] • [City], [State] [ZIP] • [Phone]

[DATE]

The Honorable [Kwame Raoul]
Illinois Attorney General
Attn: Data Security Breach Notification
100 W. Randolph St.
Chicago, IL 60601
Email: [email protected]

Re: Notice of Data Breach – [Company Legal Name] – [###] Illinois Residents Affected

Dear Attorney General [Raoul]:

1. Incident Overview
   [Brief, factual description of how and when the breach was discovered, e.g.,
   “On [Discovery Date], we identified unauthorized access to our [system/network].
   A forensic investigation confirmed that, between [Date Range], an unknown actor
   accessed files containing personal information of certain Illinois residents.”]

2. Type of Personal Information Involved
   The files may have contained one or more of the following data elements:
   • [Full name]
   • [Social Security number]
   • [Driver’s license/state ID number]
   • [Medical / insurance information]
   • [Financial account number + access code]
   • [Any other “Personal Information” as defined in 815 ILCS 530/5]

3. Number of Impacted Individuals
   We have identified [###] Illinois residents whose personal information was, or is reasonably believed to have been, compromised. This number may change as the investigation continues.

4. Timeline & Method of Consumer Notification
   • Determination of breach: [Determination Date]
   • Notification to Illinois residents commences: [Planned Mailing Date] (within 45 days)
   • Notification method: [First-class mail / Email with receipt confirmation / Telephone / Substitute notice]
   If substitute notice is used, explain how each statutory element will be satisfied.*

5. Remedial Measures & Mitigation
   • Contained the incident by [action].
   • Retained independent cybersecurity experts for forensic review.
   • Reset credentials and enhanced multi-factor authentication.
   • Offering [12/24] months of complimentary credit monitoring and identity restoration services to affected individuals.
   • Established a dedicated, toll-free call center: ([###]) ###-####, open [Hours/CST].

6. Law-Enforcement Coordination
   [If applicable] We reported the incident to [FBI/Secret Service/local PD] on [Date] and will cooperate with any investigation. We respectfully request, pursuant to 815 ILCS 530/20, that your office maintain the confidentiality of information that could compromise ongoing law-enforcement efforts or reveal system-specific security details.

7. Enclosures
   • Sample consumer notification letter (Exhibit A).
   • List of consumer reporting agencies receiving substitute notice (if any).

Please contact me at [Direct Phone] or [Email] with any questions.

Sincerely,

[NAME]
[Title] • [Company Legal Name]

2. Consumer Notification Letter Template

[// GUIDANCE: Deliver to each affected Illinois resident no later than 45 days after confirming a breach. The letter must be written in plain language, contain all elements required by 815 ILCS 530/10(c), and cannot include any waivers of the individual’s legal rights.]

[COMPANY LETTERHEAD]

[DATE]

[Recipient Name]
[Street Address]
[City], IL [ZIP]

Subject: IMPORTANT NOTICE OF DATA BREACH

Dear [Recipient Name]:

We write to inform you of a data security incident that may have involved your personal information. We take this matter very seriously and are providing you with details, steps you can take to protect yourself, and resources we are making available at no cost to you.

1. What Happened?
   On [Discovery Date], we detected suspicious activity in our [system/network]. A thorough forensic investigation revealed that, between [Date Range], an unauthorized actor accessed certain files stored on our network. We confirmed the scope of the incident on [Confirmation Date].

2. What Information Was Involved?
   The files may have contained one or more of the following:
   • [Specific data elements].
   At this time, we have no evidence of fraud or identity theft arising from this incident. Nevertheless, we are notifying you out of an abundance of caution.

3. What We Are Doing.
   • Immediately secured and remediated the affected systems.
   • Engaged leading cybersecurity experts to assist in the investigation.
   • Reported the incident to law-enforcement authorities and to the Illinois Attorney General.
   • Offering you [12/24] months of complimentary credit monitoring and identity-theft restoration services through [Service Provider]. To enroll, follow the instructions in the attached “Activation Instructions” sheet and use code [ACTIVATION CODE] by [Enrollment Deadline].
   • Established a dedicated call center at ([###]) ###-####, Monday-Friday, [Hours/CST].

4. What You Can Do.
   We recommend that you:
   a. Review your account statements and credit reports for suspicious activity.
   b. Consider placing a fraud alert or security freeze on your credit files.
   c. Remain vigilant and report any suspected identity theft to us and to the appropriate authorities.

Contact information for the three nationwide consumer reporting agencies is provided below:
• Equifax: 1-800-685-1111 — www.equifax.com
• Experian: 1-888-397-3742 — www.experian.com
• TransUnion: 1-800-916-8800 — www.transunion.com

You may obtain a free copy of your credit report from each agency once every 12 months by visiting www.annualcreditreport.com or calling 1-877-322-8228.

You also have the right to file a police report and to obtain information from us on how to place a security freeze free of charge.

5. Additional Resources.
   • Federal Trade Commission: 1-877-ID-THEFT (1-877-438-4338) or www.identitytheft.gov
   • Illinois Attorney General Identity Theft Hotline: 1-866-999-5630 or www.illinoisattorneygeneral.gov

6. For More Information.
   If you have questions, please contact our call center at ([###]) ###-####, visit [Incident-Webpage URL], or write to us at:
   Data Privacy Officer – [Company Name]
   [Street Address] • [City], [State] [ZIP]

We regret any inconvenience or concern this incident may cause and remain committed to safeguarding your information.

Sincerely,

[NAME]
[Title] • [Company Legal Name]

Enclosures:
• Activation Instructions for Credit Monitoring
• “Steps You Can Take to Protect Your Personal Information” (FTC brochure)

3. Optional Call-Center / FAQ Script (Outline)

[// GUIDANCE: Provide to call-center staff or customer-service reps. Keep answers consistent with written notices to avoid inadvertent admissions.]

A. Verification of Caller Identity
1. Ask for full name, address, last four digits of SSN.
2. Authenticate against breach-population file.

B. Core Talking Points
• The nature and timing of the incident.
• Data elements potentially involved.
• Remediation steps taken.
• Instructions for credit-monitoring enrollment.
• How to place security freezes or fraud alerts.
• Contact information for regulatory resources.

C. Escalation Protocol
• Forward media inquiries to [Media Contact].
• Forward legal inquiries/subpoenas to [General Counsel].
• Log and escalate any report of actual fraud or identity theft.

KEY STATUTORY REFERENCES (for attorney use only)

• Consumer notice & content requirements: 815 Ill. Comp. Stat. 530/10 (2024).
• Attorney General notification: 815 Ill. Comp. Stat. 530/25 (2024).

[// GUIDANCE: Do not include citations in consumer letters; they are provided here solely for attorney reference.]

DISCLAIMER

This template is provided for general informational purposes and does not constitute legal advice. Applicability depends on the specific facts and timing of each incident, and on any amendments to Illinois or federal law. Counsel should tailor the final documents accordingly and confirm compliance with all contractual, regulatory, and law-enforcement obligations.