Templates Legal Letters Correspondence State Data Breach Notification Letter
Mississippi Legal Letters Correspondence
Blank Document PRO
From Template
Upload Document Word (.docx) & Markdown files
PRO
State Data Breach Notification Letter
Ready to Edit
State Data Breach Notification Letter - Free Editor

Mississippi Data Breach Notification Package

(Attorney General & Consumer Forms)

[// GUIDANCE: This template supplies (A) the statutorily-required notice to the Mississippi Attorney General and, when applicable, consumer-reporting agencies, and (B) the companion notice to individual Mississippi residents. Mississippi’s Security Breach Notification Act is codified at Miss. Code Ann. § 75-24-29 (2023) (“MS Act”). Notices must be dispatched without unreasonable delay and no later than forty-five (45) days after the Breach Determination Date. If ≥ 500 Mississippi residents are affected, simultaneous AG notice is mandatory. Insert all bracketed text and delete guidance before issuance.]

TABLE OF CONTENTS

I. Document Header
II. Definitions
III. Operative Provisions (Timing & Recipients)
IV. Attorney General Notification Letter
V. Consumer Notification Letter
VI. General Provisions & Execution Block

I. DOCUMENT HEADER

Re: Mississippi Data Breach Notification – [Name of Covered Entity]
Effective Date: [DATE]
Jurisdiction: State of Mississippi

Covered Entity: [LEGAL NAME], a [STATE] [corporation/LLC/partnership] with principal offices at [ADDRESS] (“Company”).

II. DEFINITIONS

  1. “Breach Determination Date” – The calendar date on which Company concluded, or reasonably should have concluded, that a Security Breach occurred.
  2. “Consumer Reporting Agencies” – Equifax, Experian, and TransUnion (or any successor nationwide consumer-reporting agencies).
  3. “Personal Information” – An individual’s first name or first initial and last name in combination with any one or more of the data elements listed in Miss. Code Ann. § 75-24-29(1)(a), when unencrypted or in an otherwise usable form.
  4. “Security Breach” – An unauthorized acquisition of unencrypted Personal Information that compromises the security, confidentiality, or integrity of such information, as defined in § 75-24-29(1)(b).
  5. “Notification Date” – The calendar date on which written notice, conforming to this template, is deposited in the U.S. mail (first-class) or transmitted via equally effective electronic means.

III. OPERATIVE PROVISIONS (TIMING & RECIPIENTS)

  1. Notification to all affected Mississippi residents and, if applicable, the Mississippi Attorney General and Consumer Reporting Agencies shall occur no later than forty-five (45) days after the Breach Determination Date.
  2. If the total number of Mississippi residents affected equals or exceeds five hundred (500), Company must simultaneously notify:
    a. The Mississippi Attorney General, and
    b. Each nationwide Consumer Reporting Agency.
  3. A copy of the Consumer Notification Letter (Section V) shall be attached to the Attorney General Notification Letter (Section IV).
  4. All notices shall be retained in Company’s compliance files for a minimum of five (5) years from the Notification Date.

IV. ATTORNEY GENERAL NOTIFICATION LETTER

(to be printed on Company letterhead)

[Date]

The Honorable Attorney General
Office of the Mississippi Attorney General
P.O. Box 220
Jackson, MS 39205

Re: Notice of Security Breach Pursuant to Miss. Code Ann. § 75-24-29

Dear Attorney General [NAME]:

Pursuant to Miss. Code Ann. § 75-24-29, [Company] hereby provides formal notice of a Security Breach involving Personal Information of Mississippi residents.

  1. Incident Overview
    • Breach Determination Date: [MM/DD/YYYY]
    • Incident Window (if known): [MM/DD/YYYY – MM/DD/YYYY]
    • Nature of Incident (e.g., phishing, ransomware, lost device): [DESCRIPTION].

  2. Personal Information Implicated
    The incident involved the following data elements, unencrypted or in otherwise usable form:
    ☐ Social Security numbers
    ☐ Driver’s license / state ID numbers
    ☐ Financial account numbers (with or without access codes)
    ☐ Medical / health insurance information
    ☐ Other (describe): _____

  3. Population Impacted
    • Total individuals affected: [NUMBER]
    • Mississippi residents: [NUMBER]
    • Residents of other jurisdictions (if known): [NUMBER / “N/A”]

  4. Timeline & Compliance
    • Breach Determination Date: [MM/DD/YYYY]
    • AG Notification Date (this letter): [MM/DD/YYYY]
    • Consumer Notification Date (anticipated/actual): [MM/DD/YYYY]
    These dates fall within the 45-day statutory period.

  5. Steps Taken to Contain & Remediate
    • Immediately isolated affected systems.
    • Engaged third-party cybersecurity firm on [MM/DD/YYYY].
    • Reset credentials and deployed multi-factor authentication.
    • Offered complimentary [12/24] months of credit monitoring and identity-theft protection to all affected individuals.

  6. Information for Law-Enforcement Coordination
    • FBI IC3 Report #: [NUMBER / “Pending”] (if applicable)
    • Local law-enforcement contact: [AGENCY / OFFICER / PHONE] (if applicable)

  7. Enclosures
    a. Copy of Consumer Notification Letter.
    b. List of Consumer Reporting Agencies notified (if 500+ residents).

Please contact the undersigned at [PHONE] or [EMAIL] should you require additional information or wish to coordinate further.

Respectfully submitted,

[NAME]
[Title]
[Company Name]

V. CONSUMER NOTIFICATION LETTER

(to be printed on Company letterhead – first-class mail or compliant electronic delivery)

[Date]

[Recipient Name]
[Address]
[City, State ZIP]

Notice of Data Security Incident

Dear [Recipient Name]:

We are writing to inform you of a data security incident that may have impacted your personal information. Protecting your information is of utmost importance to us, and we want to provide you with details of what happened, what we are doing, and how you can protect yourself.

  1. What Happened
    On [DATE], we discovered unauthorized activity in our [system/network]. Our investigation determined that, between [DATE RANGE], an unauthorized actor [brief description of activity]. We concluded our investigation on [Breach Determination Date].

  2. What Information Was Involved
    The incident may have involved some or all of the following elements of your Personal Information:
    ☐ Social Security number
    ☐ Driver’s license / state identification number
    ☐ Financial account number(s) and/or access code(s)
    ☐ Medical / health-insurance information
    ☐ Other: [DESCRIPTION]

  3. What We Are Doing
    • Secured our systems and engaged leading cybersecurity experts.
    • Notified the Mississippi Attorney General, Consumer Reporting Agencies, and other regulators as required.
    • Implemented additional technical safeguards, including [LIST].
    • Providing you [12/24] months of complimentary credit monitoring and identity-theft protection services through [SERVICE PROVIDER]. Enclosed please find enrollment instructions and your activation code.

  4. What You Can Do
    We encourage you to take the following precautions:
    a. Enroll in the complimentary credit-monitoring services.
    b. Review the enclosed “Steps You Can Take to Protect Your Information,” which includes how to obtain free credit reports, place fraud alerts, and implement security freezes.
    c. Remain vigilant and promptly report any suspicious activity or suspected identity theft to law enforcement, your state’s Attorney General, or the Federal Trade Commission.

  5. For More Information
    If you have questions, please call our dedicated toll-free response line at [PHONE] between [HOURS] or email us at [EMAIL]. You may also write to us at the address above.

We regret any inconvenience or concern this incident may cause and remain committed to safeguarding the information entrusted to us.

Sincerely,

[NAME]
[Title]
[Company]

Enclosures:
1. Credit Monitoring Enrollment Instructions
2. Steps You Can Take to Protect Your Information

VI. GENERAL PROVISIONS & EXECUTION BLOCK

  1. Governing Law. This notification package is drafted pursuant to, and shall be interpreted in accordance with, the laws of the State of Mississippi, including Miss. Code Ann. § 75-24-29.
  2. Reservation of Rights. Company expressly reserves all defenses available under applicable law and does not concede the occurrence of any breach, violation, or liability beyond the obligations imposed by the MS Act.
  3. No Admission. Delivery of these notices shall not be construed as an admission of fault, liability, or wrongdoing.
  4. Counterparts & Electronic Signatures. This notification package may be executed in counterparts and delivered by electronic transmission, each of which shall be deemed an original.

Executed on the Effective Date by the duly authorized representative of Company:

______ Date: ______
[NAME, TITLE]

[CORPORATE SEAL, if applicable]

[// GUIDANCE:
1. Replace all bracketed placeholders before issuance.
2. Maintain a complete copy of this package, with proof of mailing, for at least five (5) years.
3. If fewer than 500 residents are affected, AG notice is optional but recommended best practice.
4. Coordinate with insurance counsel to confirm coverage and carrier notification requirements.
5. For multi-state incidents, append separate state-specific addenda or a multi-jurisdictional notice matrix.]

AI Legal Assistant

Welcome to State Data Breach Notification Letter

You're viewing a professional legal template that you can edit directly in your browser.

What's included:

  • Professional legal document formatting
  • Mississippi jurisdiction-specific content
  • Editable text with legal guidance
  • Free DOCX download

Upgrade to AI Editor for:

  • 🤖 Real-time AI legal assistance
  • 🔍 Intelligent document review
  • ⏰ Unlimited editing time
  • 📄 PDF exports
  • 💾 Auto-save & cloud sync