Rule 12-4-2.12 - Security Breaches and NotificationsA. In the event of a security breach, credit card or debit card data could be compromised. Agencies will immediately terminate the application/services to preserve evidence and notify:1. DFA's Chief Systems Information Officer at 601-359-6570.2. Mississippi Department of Information Technology Services, Security Division at 601-432-8180 and E-Government at (601) 432-1846.3. Mississippi State Attorney General's Office, Consumer Protection Division at (601) 359-3680 or 1 (800) 281-4418 and the Cyber Crimes Division at (601) 359-3817.B. The agency shall notify their customers of the breach once law enforcement informs the agency that customer notification will not impede an investigation. 1. Agencies may notify customers using written notices or electronic notices. As a last resort, telephone notices can be given. Documentation that notices were provided, to whom they were provided, and when such notices were provided must be maintained by the Agency.2. The notice shall be clear and conspicuous and include:a. A description of the incident in general terms.b. The type of personal information subjected to unauthorized access or acquisition.c. The general acts the agency has taken to protect the information from further unauthorized access.d. A telephone number that the customer can call for further information.e. Advice that directs the customer to remain vigilant by reviewing account statements and monitoring free credit reports or close an account.