Breach Guide

Learn the steps to take in the event of a data breach and stay current on the cyber threat landscape with the FTC’s Data Breach Resources, FBI’s Daily Digest Library and San Diego’s Cyber Incident Response Guide.

Federal Trade Commission (FTC) Data Breach Resources

Find out the steps to take as a business or consumer if you experience a data breach.

ftc-gov

FBI Cyber Daily Digest Library

Stay current on the global threat landscape with the FBI’s daily circulation of published data breaches and articles.

  • Phishing Scheme Targets Amex Cardholders

    Source: Bank Info Security
    By: Akshaya Asokan
    Published: July 18, 2019

    * Researchers have uncovered a new type of phishing campaign that is targeting American Express card users.
    * What makes this phishing attack different is that instead of using a hyperlink to send victims to a malicious landing page, this scheme deploys an embedded "base href" URL to help hide the true intent from anti-virus and other security tools.

  • Hackers Execute Ransomware Attack on Asian Art Museum

    Source: SFist
    By: Joe Kukura
    Published: July 18, 2019

    * The Asian Art Museum silently endured a ransomware attack in May, but they swear they didn't pay up.
    * It's unclear how much the hackers demanded, how long the system was disabled, or whether any information or data was compromised. Museum officials reportedly contacted police, and the city's IT security personnel apparently found a workaround to restore the system.

  • Data Breaches and Educational Institutions

    Source: The National Law Review
    By: FNU LNU
    Published: July 18, 2019

    * Educational institutions hold valuable and sensitive data (paper files and electronic ones), such as personal, financial and medical data on prospective students, enrolled students and alumni, employment information about their faculty and staff, and research data.
    * Schools share information with their service providers for a variety of purposes, including to process applications, to provide financial aid, to accept payments, and to host their websites and student portals.

  • Syracuse Schools, Libraries Disabled by Ransomware Attack

    Source: Center for Digital Education
    By: Tim Knauss
    Published: July 17, 2019

    * The Onondaga County library computer system was disabled last week by the same ransomware as the Syracuse school district, but thus far the county has not received a ransom demand, officials said today.
    * The library system's computer network was disabled July 12 by Ryuk ransomware, the same malware that crippled the school district system three days before, according to Justin Sayles of the county executive's office.

  • Customers' personal data stolen in breach of major wireless carrier

    Source: Komando.com
    By: James Gelinos
    Published: July 17, 2019

    * Using a vulnerability found on the official Samsung website, hackers were able to infiltrate a customer database for a major American mobile brand.
    * The breach was so bad, in fact, that hackers obtained a vast amount of personal data from the attack -- including account settings, phone numbers, and even home addresses.

  • Bulgaria's 'biggest leak': Suspect arrested after cyber attack

    Source: Euro News
    By: Alice Tidey
    Published: July 17, 2019

    - Bulgarian police said on Wednesday they have arrested a suspect for a cyber attack on the country's National Revenue Agency (NRA), which led to the leak of personal and financial data of millions of people.
  • Laptop stolen in Rome; UNL warns nearly 900 current, former ag staffers of potential data breach

    Source: Omaha World-Herald
    By: Rick Ruggles
    Published: July 17, 2019

    * A stolen laptop computer has caused a migraine for the University of Nebraska-Lincoln's Institute of Agriculture and Natural Resources.
    * While in Rome last month, an IANR consultant's laptop computer was pilfered. The consultant helps manage IANR retirement benefits.

  • Firefox to Warn When Saved Logins are Found in Data Breaches

    Source: Bleeping Computer
    By: Lawrence Abrams
    Published: July 17, 2019

    * Starting in Firefox 70, Mozilla aims to have the browser report when any of your saved logins were found in data breaches.
    * This will be done through their partnership with the Have I Been Pwned data breach site.

  • Lawmakers introduce bill to block U.S. companies from doing business with Huawei

    Source: The Hill
    By: Maggie Miller
    Published: July 16, 2019

    * Lawmakers in the House and Senate introduced legislation Tuesday to keep Chinese telecommunications group Huawei out of U.S. fifth generation (5G) networks and prevent U.S. companies from doing business with the company many have deemed a national security threat.
    * The bill would also give Congress the power to block administration waivers for U.S. companies to do business with Huawei.

  • Patch now before you get your NAS kicked: Iomega storage boxes leave millions of files open to the internet

    Source: The Register
    By: Shaun Nichols
    Published: July 16, 2019

    * Lenovo is emitting an emergency firmware patch for Iomega NAS devices after the network-attached storage boxes were discovered inadvertently offering millions of files to the internet via an insecure software interface.
    * If you're thinking, wow, Iomega, I didn't know they were still going: EMC bought it in 2008, and in 2013, a Lenovo-EMC joint-venture rebooted the brand as LenovoEMC gear.


San Diego Cyber Incident Response Guide

Learn more about San Diego’s region-wide cyber incident response guide and available local, state and federal resources.

San Diego Cyber Incident Response Guide October 2017