Texas law requires businesses and organizations that experience a data breach of system security that affects 250 or more Texans to report that breach to the Office of the Texas Attorney General as soon as practicably possible and no later than 30 days after the discovery of the breach. Businesses and organizations must also provide notice of the breach to affected consumers.
