Ditch the Pitch
If a business sends notice of a data security breach to 1,000 or more South Carolina residents at one time, the business must also notify the Department and the national credit reporting agencies. When sending notice to consumers, breached entities should include contact information for the Department so consumers may seek additional help from the Identity Theft Unit. When a business is required to notify the Department of a breach, the notice should include all of the following:
Breach notifications should be sent to the Department's Legal Division, P.O. Box 5757, Columbia, SC 29250 or emailed to firstname.lastname@example.org.
For more information on the applicable laws in South Carolina, refer to the Identity Theft & The Law: A Guide for Business and Government (PDF)