Booz Allen Hamilton Holding Corporation - Breach Notificaiton
Booz Allen Hamilton, Inc.
8283 Greensboro Drive
McLean, VA 22102
Tel 703-902-5000
www.BoozAllen.com
November , 2022
,
NOTICE OF EVENT INVOLVING PERSONALLY IDENTIFIABLE
INFORMATION (PII)
Dear ,
We are writing to let you know about an event that affected Booz Allen Hamilton
Holding Corporation (“Booz Allen”), involving the sensitive, Personally Identifiable
Information (PII) of active employees as of March 29, 2021. There is no indication that
this event affected the company’s network or operations in any way.
We want to make clear at the outset that keeping personal data safe and secure is very
important to Booz Allen, and will continue to be a priority moving forward.
WHAT HAPPENED?
We recently learned that a former employee, while still employed at the Company and in
direct contradiction of Booz Allen’s policies, training, purpose, and values, obtained and
downloaded a copy of an internal report that was improperly stored on an internal
SharePoint site. While our investigation remains ongoing, we recently learned that
certain of your information was affected.
WHAT INFORMATION WAS INVOLVED?
Based on our review, there was personal information exposed including: your name,
social security number, compensation, gender, race, ethnicity, date of birth, and U.S.
Government security clearance eligibility and status as of March 29, 2021.
WHAT WE ARE DOING
Upon learning of this event, the firm took immediate action, including actions to secure
the file in the right location, conduct a thorough investigation, and review its information
handling processes for potential opportunities for improvements. At this time, we do not
believe that the individual intended to misuse any of the personal information in the
Date __, 2022
Activation Code: ______
Expiration Date: ________
2
report to cause harm to Booz Allen employees and we believe the risk of harm to you is
low.
We have also secured the services of Equifax to provide credit monitoring at no cost to
you for two years. Equifax is a global leader in risk mitigation and response, and their
team has extensive experience helping people who have sustained an unintentional
exposure of confidential data.
Below please find information on signing up for a complimentary membership to
Equifax’s services.
Equifax Credit Watch Gold
*Note: You must be over age 18 with a credit file to take advantage of the product.
Key Features
• Credit monitoring with email notifications of key changes to your Equifax credit
report
• Daily access to your Equifax credit report
• WebScan notifications1 when your personal information, such as Social Security
Number, credit/debit card or bank account numbers are found on fraudulent
Internet trading sites
• Automatic fraud alerts2
, which encourages potential lenders to take extra steps to
verify your identity before extending credit, plus blocked inquiry alerts and
Equifax credit report lock3
1 WebScan searches for your Social Security Number, up to 5 passport numbers, up to 6 bank account numbers, up to 6
credit/debit card numbers, up to 6 email addresses, and up to 10 medical ID numbers. WebScan searches thousands of
Internet sites where consumers' personal information is suspected of being bought and sold, and regularly adds new
sites to the list of those it searches. However, the Internet addresses of these suspected Internet trading sites are not
published and frequently change, so there is no guarantee that we are able to locate and search every possible Internet
site where consumers' personal information is at risk of being traded.
2 The Automatic Fraud Alert feature is made available to consumers by Equifax Information Services LLC and fulfilled
on its behalf by Equifax Consumer Services LLC.
3 Locking your Equifax credit report will prevent access to it by certain third parties. Locking your Equifax credit
report will not prevent access to your credit report at any other credit reporting agency. Entities that may still have
access to your Equifax credit report include: companies like Equifax Global Consumer Solutions, which provide you
with access to your credit report or credit score, or monitor your credit report as part of a subscription or similar
service; companies that provide you with a copy of your credit report or credit score, upon your request; federal, state
and local government agencies and courts in certain circumstances; companies using the information in connection
with the underwriting of insurance, or for employment, tenant or background screening purposes; companies that have
a current account or relationship with you, and collection agencies acting on behalf of those whom you owe; companies
that authenticate a consumer's identity for purposes other than granting credit, or for investigating or preventing actual
or potential fraud; and companies that wish to make pre-approved offers of credit or insurance to you. To opt out of
such pre-approved offers, visit www.optoutprescreen.com.
Date __, 2022
Activation Code: ______
Expiration Date: ________
3
• Identity Restoration to help restore your identity should you become a victim of
identity theft, and a dedicated Identity Restoration Specialist to work on your
behalf
• Up to $1,000,000 of identity theft insurance coverage for certain out of pocket
expenses resulting from identity theft4
Enrollment Instructions
To sign up online for online delivery, go to www.equifax.com/activate
Enter your unique Activation Code of then click “Submit” and
follow these 4 steps:
1. Register: Complete the form with your contact information and click
“Continue”. If you already have a myEquifax account, click the ‘Sign in here’
link under the “Let’s get started” header. Once you have successfully signed in,
you will skip to the Checkout Page in Step 4.
2. Create Account: Complete the form with your email address, create a
password, and accept the Terms of Use.
3. Verify Identity: To enroll in your product, the system will ask you to
complete an identity verification process.
4. Checkout: Upon successful verification of your identity, you will see the
Checkout Page. Click ‘Sign Me Up’ to finish enrolling. The confirmation page
shows your completed enrollment. Please click the “View My Product” button to
access the product features.
You need to activate your membership in order to receive your benefits, and must do so
no later than [X XX, 202X]. Your Activation Code will not work after this date.
WHAT YOU CAN DO
We encourage you to contact Equifax and take advantage of the credit monitoring that we
are providing to you free of charge. In addition, you should remain vigilant and carefully
review your accounts for any suspicious activity. This is a best practice for all
individuals.
As noted above, we have no evidence that your information has been misused in
connection with this incident. However, as always, if you detect any suspicious activity
on an account, you should change the password and security questions associated with
4 The Identity Theft Insurance benefit is underwritten and administered by American Bankers Insurance Company of
Florida, an Assurant company, under group or blanket policies issued to Equifax, Inc., or its respective affiliates for the
benefit of its Members. Please refer to the actual policies for terms, conditions, and exclusions of coverage. Coverage
may not be available in all jurisdictions.
Date __, 2022
Activation Code: ______
Expiration Date: ________
4
the account, and promptly notify the financial institution or other company with which
the account is maintained and any relevant government agency.
If you would like to take additional steps to protect your personal information, attached to
this letter are helpful resources on how to do so, including recommendations from the
Federal Trade Commission regarding identity theft protection and details on how to place
a fraud alert or a security freeze on your credit file.
FOR MORE INFORMATION
We take our responsibility to protect your personal data extremely seriously. We will
continue to take all appropriate steps to keep information safe and continually enhance
our posture, policies, and processes. Thank you for all you do every day to safeguard
information, live our values, and protect our firm and each other.
If you have any questions, please contact [call center] at [phone number], [hours].
Sincerely,
Booz Allen Hamilton
5
Additional Resources
Below are additional helpful tips you may want to consider to protect your personal information.
Review Your Credit Reports and Account Statements; Notify Law Enforcement of Suspicious Activity
As a precautionary measure, we recommend that you remain vigilant by reviewing your credit reports and
account statements closely. If you detect any suspicious activity on an account, you should promptly notify the
financial institution or other company with which the account is maintained. You also should promptly report
any fraudulent activity or any suspected incidents of identity theft to proper law enforcement authorities. If
you believe you are the victim of identity theft or have reason to believe your personal information has been
misused, you should immediately contact law enforcement, the Federal Trade Commission (“FTC”) and/or the
Attorney General’s office in your home state. You can also contact these agencies for information on how to
prevent or avoid identity theft, and you can contact the FTC at:
Federal Trade Commission
Consumer Response Center
600 Pennsylvania Avenue, NW
Washington, DC 20580
www.ftc.gov/IDTHEFT
1-877-IDTHEFT (438-4338)
Copy of Credit Report
You may obtain a free copy of your credit report from each of the three major credit reporting agencies once
every 12 months by visiting https://www.annualcreditreport.com, calling toll-free 877-322-8228, or by
completing an Annual Credit Report Request Form and mailing it to the Annual Credit Report Request
Service, P.O. Box 105281, Atlanta, GA 30348-5281. You can print this form at
https://www.annualcreditreport.com/manualRequestForm.action. Credit reporting agency contact details are
provided below.
Equifax:
equifax.com
equifax.com/personal/credit-reportservices
P.O. Box 740241
Atlanta, GA 30374
866-349-5191
Experian:
experian.com
experian.com/help
P.O. Box 2002
Allen, TX 75013
888-397-3742
TransUnion:
transunion.com
transunion.com/credit-help
P.O. Box 1000
Chester, PA 19016
888-909-8872
When you receive your credit reports, review them carefully. Look for accounts or credit inquiries that you did
not initiate or do not recognize. Look for information, such as home address and Social Security number, that
is inaccurate. If you see anything you do not understand, call the credit reporting agency at the telephone
number on the report.
Fraud Alert
You may want to consider placing a fraud alert on your credit file. An initial fraud alert is free and will stay on
your credit file for at least 90 days. The alert informs creditors of possible fraudulent activity within your
report and requests that the creditor contact you prior to establishing any accounts in your name. If you have
already been a victim of identity theft, you may have an extended alert placed on your report if you provide the
appropriate documentary proof. An extended fraud alert stays on your credit report for seven years. To place a
fraud alert on your credit report, contact any of the three credit reporting agencies identified above.
Security Freeze
You have the right to place a security freeze on your credit file free of charge. This will prevent new credit
from being opened in your name without the use of a PIN number that is issued to you when you initiate the
freeze. A security freeze is designed to prevent credit, loans, and services from being approved in your name
without your consent. As a result, using a security freeze may delay your ability to obtain credit. In order to
6
place a security freeze, you may be required to provide the consumer reporting agency with information that
identifies you including your full name; social security number; date of birth; current and previous addresses; a
copy of your state-issued identification card; and a recent utility bill, bank statement, or telephone bill.
Federal Fair Credit Reporting Act Rights
The Fair Credit Reporting Act (FCRA) is federal legislation that regulates how consumer reporting agencies
use your information. It promotes the accuracy, fairness, and privacy of consumer information in the files of
consumer reporting agencies. As a consumer, you have certain rights under the FCRA, which the FTC has
summarized as follows: you must be told if information in your file has been used against you; you have the
right to know what is in your file; you have the right to ask for a credit score; you have the right to dispute
incomplete or inaccurate information; consumer reporting agencies must correct or delete inaccurate,
incomplete, or unverifiable information; consumer reporting agencies may not report outdated negative
information; access to your file is limited; you must give your consent for reports to be provided to employers;
you may limit “prescreened” offers of credit and insurance you get based on information in your credit report;
and you may seek damages from violators. Identity theft victims and active duty military personnel have
additional rights.
For more information about these rights, you may go to www.ftc.gov/credit or write to: Consumer Response
Center, Room 13-A, Federal Trade Commission, 600 Pennsylvania Ave. N.W., Washington, D.C. 20580.
Additional Information
You have the right to obtain any police report filed in regard to this incident. If you are the victim of fraud or
identity theft, you also have the right to file a police report.
You may consider starting a file with copies of your credit reports, any police report, any correspondence, and
copies of disputed bills. It is also useful to keep a log of your conversations with creditors, law enforcement
officials, and other relevant parties.
For Colorado residents: You may obtain information from the Federal Trade Commission and the credit
reporting agencies about fraud alerts and security freezes.
For Maryland residents: You may contact the Office of the Maryland Attorney General, 200 St. Paul Place,
Baltimore, MD 21202, http://www.marylandattorneygeneral.gov, 1-888-743-0023. The Office of the
Maryland Attorney General may be able to provide you with information about the steps you can take to avoid
identity theft.
For North Carolina residents: You may contact the North Carolina Office of the Attorney General, 9001
Mail Service Center, Raleigh, NC 27699-9001, http://www.ncdoj.gov, 1-877-566-7226. You are also advised
to report any suspected identity theft to law enforcement or to the North Carolina Attorney General.
For Connecticut, Florida, Indiana, Louisiana, Maine, Montana, Nebraska, New Jersey, New Hampshire,
Puerto Rico, Texas, Vermont, and Virginia residents: You may obtain one or more (depending on the
state) additional copies of your credit report, free of charge. You must contact each of the credit bureaus
directly to obtain such additional report(s).
For New York residents: You may contact the New York Office of the Attorney General at: The Capitol,
Albany, NY 12224-0341, http://www.ag.ny.gov/home.html, 1-800-771-7755, and the New York Department
of State Division of Consumer Protection at: 99 Washington Avenue, Albany, New York 12231-0001,
http://www.dos.ny.gov/consumerprotection, 1-800-697-1220.
For Washington, D.C. residents: You may contact the Office of the Attorney General for the District of
Columbia, 400 6th St. NW, Washington, D.C. 20001, http://www. oag.dc.gov, 1-202-727-3400.
8283 Greensboro Drive
McLean, VA 22102
Tel 703-902-5000
www.BoozAllen.com
November , 2022
,
NOTICE OF EVENT INVOLVING PERSONALLY IDENTIFIABLE
INFORMATION (PII)
Dear ,
We are writing to let you know about an event that affected Booz Allen Hamilton
Holding Corporation (“Booz Allen”), involving the sensitive, Personally Identifiable
Information (PII) of active employees as of March 29, 2021. There is no indication that
this event affected the company’s network or operations in any way.
We want to make clear at the outset that keeping personal data safe and secure is very
important to Booz Allen, and will continue to be a priority moving forward.
WHAT HAPPENED?
We recently learned that a former employee, while still employed at the Company and in
direct contradiction of Booz Allen’s policies, training, purpose, and values, obtained and
downloaded a copy of an internal report that was improperly stored on an internal
SharePoint site. While our investigation remains ongoing, we recently learned that
certain of your information was affected.
WHAT INFORMATION WAS INVOLVED?
Based on our review, there was personal information exposed including: your name,
social security number, compensation, gender, race, ethnicity, date of birth, and U.S.
Government security clearance eligibility and status as of March 29, 2021.
WHAT WE ARE DOING
Upon learning of this event, the firm took immediate action, including actions to secure
the file in the right location, conduct a thorough investigation, and review its information
handling processes for potential opportunities for improvements. At this time, we do not
believe that the individual intended to misuse any of the personal information in the
Date __, 2022
Activation Code: ______
Expiration Date: ________
2
report to cause harm to Booz Allen employees and we believe the risk of harm to you is
low.
We have also secured the services of Equifax to provide credit monitoring at no cost to
you for two years. Equifax is a global leader in risk mitigation and response, and their
team has extensive experience helping people who have sustained an unintentional
exposure of confidential data.
Below please find information on signing up for a complimentary membership to
Equifax’s services.
Equifax Credit Watch Gold
*Note: You must be over age 18 with a credit file to take advantage of the product.
Key Features
• Credit monitoring with email notifications of key changes to your Equifax credit
report
• Daily access to your Equifax credit report
• WebScan notifications1 when your personal information, such as Social Security
Number, credit/debit card or bank account numbers are found on fraudulent
Internet trading sites
• Automatic fraud alerts2
, which encourages potential lenders to take extra steps to
verify your identity before extending credit, plus blocked inquiry alerts and
Equifax credit report lock3
1 WebScan searches for your Social Security Number, up to 5 passport numbers, up to 6 bank account numbers, up to 6
credit/debit card numbers, up to 6 email addresses, and up to 10 medical ID numbers. WebScan searches thousands of
Internet sites where consumers' personal information is suspected of being bought and sold, and regularly adds new
sites to the list of those it searches. However, the Internet addresses of these suspected Internet trading sites are not
published and frequently change, so there is no guarantee that we are able to locate and search every possible Internet
site where consumers' personal information is at risk of being traded.
2 The Automatic Fraud Alert feature is made available to consumers by Equifax Information Services LLC and fulfilled
on its behalf by Equifax Consumer Services LLC.
3 Locking your Equifax credit report will prevent access to it by certain third parties. Locking your Equifax credit
report will not prevent access to your credit report at any other credit reporting agency. Entities that may still have
access to your Equifax credit report include: companies like Equifax Global Consumer Solutions, which provide you
with access to your credit report or credit score, or monitor your credit report as part of a subscription or similar
service; companies that provide you with a copy of your credit report or credit score, upon your request; federal, state
and local government agencies and courts in certain circumstances; companies using the information in connection
with the underwriting of insurance, or for employment, tenant or background screening purposes; companies that have
a current account or relationship with you, and collection agencies acting on behalf of those whom you owe; companies
that authenticate a consumer's identity for purposes other than granting credit, or for investigating or preventing actual
or potential fraud; and companies that wish to make pre-approved offers of credit or insurance to you. To opt out of
such pre-approved offers, visit www.optoutprescreen.com.
Date __, 2022
Activation Code: ______
Expiration Date: ________
3
• Identity Restoration to help restore your identity should you become a victim of
identity theft, and a dedicated Identity Restoration Specialist to work on your
behalf
• Up to $1,000,000 of identity theft insurance coverage for certain out of pocket
expenses resulting from identity theft4
Enrollment Instructions
To sign up online for online delivery, go to www.equifax.com/activate
Enter your unique Activation Code of then click “Submit” and
follow these 4 steps:
1. Register: Complete the form with your contact information and click
“Continue”. If you already have a myEquifax account, click the ‘Sign in here’
link under the “Let’s get started” header. Once you have successfully signed in,
you will skip to the Checkout Page in Step 4.
2. Create Account: Complete the form with your email address, create a
password, and accept the Terms of Use.
3. Verify Identity: To enroll in your product, the system will ask you to
complete an identity verification process.
4. Checkout: Upon successful verification of your identity, you will see the
Checkout Page. Click ‘Sign Me Up’ to finish enrolling. The confirmation page
shows your completed enrollment. Please click the “View My Product” button to
access the product features.
You need to activate your membership in order to receive your benefits, and must do so
no later than [X XX, 202X]. Your Activation Code will not work after this date.
WHAT YOU CAN DO
We encourage you to contact Equifax and take advantage of the credit monitoring that we
are providing to you free of charge. In addition, you should remain vigilant and carefully
review your accounts for any suspicious activity. This is a best practice for all
individuals.
As noted above, we have no evidence that your information has been misused in
connection with this incident. However, as always, if you detect any suspicious activity
on an account, you should change the password and security questions associated with
4 The Identity Theft Insurance benefit is underwritten and administered by American Bankers Insurance Company of
Florida, an Assurant company, under group or blanket policies issued to Equifax, Inc., or its respective affiliates for the
benefit of its Members. Please refer to the actual policies for terms, conditions, and exclusions of coverage. Coverage
may not be available in all jurisdictions.
Date __, 2022
Activation Code: ______
Expiration Date: ________
4
the account, and promptly notify the financial institution or other company with which
the account is maintained and any relevant government agency.
If you would like to take additional steps to protect your personal information, attached to
this letter are helpful resources on how to do so, including recommendations from the
Federal Trade Commission regarding identity theft protection and details on how to place
a fraud alert or a security freeze on your credit file.
FOR MORE INFORMATION
We take our responsibility to protect your personal data extremely seriously. We will
continue to take all appropriate steps to keep information safe and continually enhance
our posture, policies, and processes. Thank you for all you do every day to safeguard
information, live our values, and protect our firm and each other.
If you have any questions, please contact [call center] at [phone number], [hours].
Sincerely,
Booz Allen Hamilton
5
Additional Resources
Below are additional helpful tips you may want to consider to protect your personal information.
Review Your Credit Reports and Account Statements; Notify Law Enforcement of Suspicious Activity
As a precautionary measure, we recommend that you remain vigilant by reviewing your credit reports and
account statements closely. If you detect any suspicious activity on an account, you should promptly notify the
financial institution or other company with which the account is maintained. You also should promptly report
any fraudulent activity or any suspected incidents of identity theft to proper law enforcement authorities. If
you believe you are the victim of identity theft or have reason to believe your personal information has been
misused, you should immediately contact law enforcement, the Federal Trade Commission (“FTC”) and/or the
Attorney General’s office in your home state. You can also contact these agencies for information on how to
prevent or avoid identity theft, and you can contact the FTC at:
Federal Trade Commission
Consumer Response Center
600 Pennsylvania Avenue, NW
Washington, DC 20580
www.ftc.gov/IDTHEFT
1-877-IDTHEFT (438-4338)
Copy of Credit Report
You may obtain a free copy of your credit report from each of the three major credit reporting agencies once
every 12 months by visiting https://www.annualcreditreport.com, calling toll-free 877-322-8228, or by
completing an Annual Credit Report Request Form and mailing it to the Annual Credit Report Request
Service, P.O. Box 105281, Atlanta, GA 30348-5281. You can print this form at
https://www.annualcreditreport.com/manualRequestForm.action. Credit reporting agency contact details are
provided below.
Equifax:
equifax.com
equifax.com/personal/credit-reportservices
P.O. Box 740241
Atlanta, GA 30374
866-349-5191
Experian:
experian.com
experian.com/help
P.O. Box 2002
Allen, TX 75013
888-397-3742
TransUnion:
transunion.com
transunion.com/credit-help
P.O. Box 1000
Chester, PA 19016
888-909-8872
When you receive your credit reports, review them carefully. Look for accounts or credit inquiries that you did
not initiate or do not recognize. Look for information, such as home address and Social Security number, that
is inaccurate. If you see anything you do not understand, call the credit reporting agency at the telephone
number on the report.
Fraud Alert
You may want to consider placing a fraud alert on your credit file. An initial fraud alert is free and will stay on
your credit file for at least 90 days. The alert informs creditors of possible fraudulent activity within your
report and requests that the creditor contact you prior to establishing any accounts in your name. If you have
already been a victim of identity theft, you may have an extended alert placed on your report if you provide the
appropriate documentary proof. An extended fraud alert stays on your credit report for seven years. To place a
fraud alert on your credit report, contact any of the three credit reporting agencies identified above.
Security Freeze
You have the right to place a security freeze on your credit file free of charge. This will prevent new credit
from being opened in your name without the use of a PIN number that is issued to you when you initiate the
freeze. A security freeze is designed to prevent credit, loans, and services from being approved in your name
without your consent. As a result, using a security freeze may delay your ability to obtain credit. In order to
6
place a security freeze, you may be required to provide the consumer reporting agency with information that
identifies you including your full name; social security number; date of birth; current and previous addresses; a
copy of your state-issued identification card; and a recent utility bill, bank statement, or telephone bill.
Federal Fair Credit Reporting Act Rights
The Fair Credit Reporting Act (FCRA) is federal legislation that regulates how consumer reporting agencies
use your information. It promotes the accuracy, fairness, and privacy of consumer information in the files of
consumer reporting agencies. As a consumer, you have certain rights under the FCRA, which the FTC has
summarized as follows: you must be told if information in your file has been used against you; you have the
right to know what is in your file; you have the right to ask for a credit score; you have the right to dispute
incomplete or inaccurate information; consumer reporting agencies must correct or delete inaccurate,
incomplete, or unverifiable information; consumer reporting agencies may not report outdated negative
information; access to your file is limited; you must give your consent for reports to be provided to employers;
you may limit “prescreened” offers of credit and insurance you get based on information in your credit report;
and you may seek damages from violators. Identity theft victims and active duty military personnel have
additional rights.
For more information about these rights, you may go to www.ftc.gov/credit or write to: Consumer Response
Center, Room 13-A, Federal Trade Commission, 600 Pennsylvania Ave. N.W., Washington, D.C. 20580.
Additional Information
You have the right to obtain any police report filed in regard to this incident. If you are the victim of fraud or
identity theft, you also have the right to file a police report.
You may consider starting a file with copies of your credit reports, any police report, any correspondence, and
copies of disputed bills. It is also useful to keep a log of your conversations with creditors, law enforcement
officials, and other relevant parties.
For Colorado residents: You may obtain information from the Federal Trade Commission and the credit
reporting agencies about fraud alerts and security freezes.
For Maryland residents: You may contact the Office of the Maryland Attorney General, 200 St. Paul Place,
Baltimore, MD 21202, http://www.marylandattorneygeneral.gov, 1-888-743-0023. The Office of the
Maryland Attorney General may be able to provide you with information about the steps you can take to avoid
identity theft.
For North Carolina residents: You may contact the North Carolina Office of the Attorney General, 9001
Mail Service Center, Raleigh, NC 27699-9001, http://www.ncdoj.gov, 1-877-566-7226. You are also advised
to report any suspected identity theft to law enforcement or to the North Carolina Attorney General.
For Connecticut, Florida, Indiana, Louisiana, Maine, Montana, Nebraska, New Jersey, New Hampshire,
Puerto Rico, Texas, Vermont, and Virginia residents: You may obtain one or more (depending on the
state) additional copies of your credit report, free of charge. You must contact each of the credit bureaus
directly to obtain such additional report(s).
For New York residents: You may contact the New York Office of the Attorney General at: The Capitol,
Albany, NY 12224-0341, http://www.ag.ny.gov/home.html, 1-800-771-7755, and the New York Department
of State Division of Consumer Protection at: 99 Washington Avenue, Albany, New York 12231-0001,
http://www.dos.ny.gov/consumerprotection, 1-800-697-1220.
For Washington, D.C. residents: You may contact the Office of the Attorney General for the District of
Columbia, 400 6th St. NW, Washington, D.C. 20001, http://www. oag.dc.gov, 1-202-727-3400.