Templates Legal Letters Correspondence State Data Breach Notification Letter
North Carolina Legal Letters Correspondence
Blank Document PRO
From Template
Upload Document Word (.docx) & Markdown files
PRO
State Data Breach Notification Letter
Ready to Edit
State Data Breach Notification Letter - Free Editor

North Carolina Data Breach Notification Package

(Draft Template – Prepared for Immediate Attorney Customization)

[// GUIDANCE: This package contains two separate notice templates that together satisfy the substantive and procedural requirements of N.C. Gen. Stat. § 75-65 (2023) (“NC Breach Statute”). Template A is directed to the North Carolina Attorney General (“AG Notice”); Template B is directed to affected North Carolina residents (“Consumer Notice”). Use both templates for a North Carolina-only incident. For multi-state breaches, supplement with the applicable state forms.]*

TABLE OF CONTENTS

  1. Template A – AG Notice
  2. Template B – Consumer Notice
  3. Exhibit 1 – List of Nationwide Consumer Reporting Agencies
  4. Exhibit 2 – Identity Theft & Security Freeze Resources

TEMPLATE A – ATTORNEY GENERAL NOTICE

(North Carolina Consumer Protection Division)

CONFIDENTIAL - LEGAL NOTICE
Notice of Data Breach Pursuant to N.C. Gen. Stat. § 75-65

[DATE]

Via [Certified Mail / Overnight Courier / Email Portal]
Consumer Protection Division
North Carolina Department of Justice
9001 Mail Service Center
Raleigh, NC 27699-9001

Re: Notice of Security Breach Involving Personal Information of North Carolina Residents

1. Reporting Entity

• Legal Name: [COMPANY LEGAL NAME], a [STATE] [corporation/LLC/etc.] (“Company”)
• Principal Address: [ADDRESS]
• FEIN: [##-#######]
• Point of Contact for NC DOJ: [NAME, TITLE, DIRECT DIAL, EMAIL]

2. Incident Overview

Pursuant to N.C. Gen. Stat. § 75-65, Company hereby notifies the North Carolina Attorney General of a breach of security involving “Personal Information,” as that term is defined in N.C. Gen. Stat. § 75-61(14).

• Date of Breach: [INCIDENT DATE OR DATE RANGE]
• Date Discovered: [DISCOVERY DATE]
• Approx. Number of Impacted Individuals: [TOTAL #] (North Carolina residents: [#])
• Breach Vector: [UNAUTHORIZED ACCESS / MALWARE / PHISHING / LOST DEVICE / ETC.]
• Type of Personal Information Affected: [Full Name + SSN; Driver’s License Number; Account + PIN; User Credentials; etc.]
• Law-Enforcement Involvement: [YES/NO – If yes, agency, case #, and confirmation that disclosure is now permitted]

3. Remediation & Containment Measures

[HIGH-LEVEL SUMMARY of steps already taken: e.g., isolated servers, reset credentials, engaged forensic firm, implemented multi-factor authentication, etc.]

4. Planned Consumer Notice

• Method(s) of Notice: [First-class mail / E-mail with “Notice of Data Breach” in subject line / Substitute notice (provide details)]
• Notification Date(s): [PLANNED MAILING DATE(S)] – will occur contemporaneously with or prior to this AG Notice.
• Identity-Protection Services: [Describe 12-month credit-monitoring/identity-theft services if offered; include provider name.]

5. Contact Information

Please direct any follow-up correspondence to:

[NAME]
[TITLE]
[COMPANY LEGAL NAME]
[ADDRESS]
[PHONE] | [EMAIL]

Respectfully submitted,

 

[NAME]
[Title]
[Company Legal Name]

TEMPLATE B – CONSUMER NOTICE

(North Carolina Resident – Plain-Language Version)

IMPORTANT: NOTICE OF DATA BREACH

[DATE]

Dear [FIRST NAME LAST NAME]:

What Happened?

On [INCIDENT DATE OR RANGE], we discovered that unauthorized [access/use] of certain Company systems occurred. Our investigation determined that between [DATE RANGE], an unauthorized individual [BRIEF DESCRIPTION OF HOW BREACH OCCURRED].

What Information Was Involved?

The incident involved the following type(s) of your personal information: [check all that apply]
• Social Security number
• Driver’s license or state identification card number
• Financial account number and access code/PIN
• Debit or credit card number and CVV/password
• Medical/health insurance information
• Username or e-mail address in combination with password or security question answer

[// GUIDANCE: If login credentials were compromised, NC law requires advising individuals to promptly change passwords and use unique credentials across accounts.]

What We Are Doing

• Immediately contained the incident and secured our systems.
• Engaged an independent cybersecurity firm to assist our investigation.
• Reported the breach to the North Carolina Attorney General’s Office.
• Offering you [12/24]-month(s) of complimentary [IDENTITY-PROTECTION SERVICE], which includes credit monitoring and identity theft restoration assistance. Instructions to enroll are below.

What You Can Do

  1. Review the “Steps You Can Take to Protect Your Personal Information” in Exhibit 2 (enclosed).
  2. Consider placing a fraud alert or security freeze on your credit files.
  3. Monitor your bank, credit-card, and insurance statements for unauthorized activity.
  4. If login credentials were included, promptly change your password and any other account that uses the same credentials.

Enrollment Instructions for Complimentary Services

• Visit: [URL]
• Enter Code: [UNIQUE ENROLLMENT CODE]
• Deadline: [MM/DD/YYYY]

Resources

• Equifax: 800-525-6285 | www.equifax.com
• Experian: 888-397-3742 | www.experian.com
• TransUnion: 800-680-7289 | www.transunion.com
• NC Attorney General: 877-566-7226 | www.ncdoj.gov
• Federal Trade Commission: 877-438-4338 | www.identitytheft.gov

For More Information

If you have questions, please call our dedicated toll-free hotline at [###-###-####] between [HOURS, TIME ZONE] or e-mail [[email protected]].

We regret any inconvenience or concern this may cause and remain committed to safeguarding your information.

 
Sincerely,

 

[NAME]
[Title]
[Company Legal Name]
[Address] | [Phone] | [E-mail]

EXHIBIT 1 – Nationwide Consumer Reporting Agencies

Equifax Information Services LLC
P.O. Box 105788, Atlanta, GA 30348 | 800-525-6285

Experian Information Solutions Inc.
P.O. Box 9554, Allen, TX 75013 | 888-397-3742

TransUnion LLC
P.O. Box 2000, Chester, PA 19022 | 800-680-7289

EXHIBIT 2 – Identity Theft & Security Freeze Resources

[// GUIDANCE: Attach NC-specific identity-theft-prevention instructions, including how to place a free security freeze under N.C. Gen. Stat. § 75-63 and how to obtain a free credit report under 15 U.S.C. § 1681j. Populate with current URLs and phone numbers.]

OPTIONAL INTERNAL RECORD (Not to be Sent with Notices)

• Incident ID: [INTERNAL #]
• Payment Card Brand Notice Requirement Met: [Y/N/NA]
• HIPAA / GLBA / FERPA Overlap: [Describe, if applicable]
• Insurance Carrier Notified: [Carrier & Claim #]
• Board/Executive Notification Date: [MM/DD/YYYY]

[// GUIDANCE:
1. Timing – Send consumer notices “without unreasonable delay” and no later than the date of AG notification, unless delayed by written law-enforcement request.
2. Method – Use first-class mail unless the NC Breach Statute’s electronic or substitute-notice conditions are satisfied.
3. Recordkeeping – Maintain copies of all notices and mailing metrics for at least three (3) years to defend against enforcement actions or civil claims.
4. Multi-State Incidents – Confirm whether other states require AG or regulator filings and whether additional content (e.g., CA’s “breach-type chart”) must be included.
]

AI Legal Assistant

Welcome to State Data Breach Notification Letter

You're viewing a professional legal template that you can edit directly in your browser.

What's included:

  • Professional legal document formatting
  • North Carolina jurisdiction-specific content
  • Editable text with legal guidance
  • Free DOCX download

Upgrade to AI Editor for:

  • 🤖 Real-time AI legal assistance
  • 🔍 Intelligent document review
  • ⏰ Unlimited editing time
  • 📄 PDF exports
  • 💾 Auto-save & cloud sync