Skip to main content

US - Breach Notification

Download With Dependencies

This Content pack helps you understand if a breach has occurred and automates repetitive tasks associated with US Breach notification procedures.

All 50 US states, Washington, DC, and most US territories (including Puerto Rico, Guam, and the Virgin Islands) have passed breach notification laws that require notifying state residents and the Attorney General in case of a personally identifiable information (PII) security breach.
This US Breach Notification content pack includes playbooks that help to determine if the breached data meets the criteria for breach notification for the relevant state, and, if necessary, follows through with the notification procedures.
With this package, it will be possible to understand whether a breach occurred and whether the notification is required. In addition, you can shorten the notification time in case of breach according to the state law.

What does this pack do?

The playbooks included in this pack help you automate repetitive tasks associated with US breach notification incidents:

  • Checks whether the breached data was encrypted or if the encryption key was compromised.
  • Checks the types of PII that were compromised, however, each state determines what is considered PII, and which PII requires notification.
  • Checks if the PII that was compromised contained living residents in the selected state.
  • Asks the DPO (Data Protection Officer) to confirm the breach.
  • In case notification is required, the pack assists with the notification process to send a breach notification to the following: Affected residents, State Attorney General, Consumer Reporting Agencies, and State CISO (if required).

As part of this pack, you will also get out-of-the-box US breach notification incident views, and a full layout. All of these are easily customizable to suit the needs of your organization.

For more information, visit our Cortex XSOAR Developer Docs





Cortex XSOARCortex XSIAM


CertificationRead more
Supported ByCortex
CreatedJuly 26, 2020
Last ReleaseMarch 1, 2023

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.