Breach Guide

Learn the steps to take in the event of a data breach and stay current on the cyber threat landscape with the FTC’s Data Breach Resources, FBI’s Daily Digest Library and San Diego’s Cyber Incident Response Guide.

Federal Trade Commission (FTC) Data Breach Resources

Find out the steps to take as a business or consumer if you experience a data breach.

ftc-gov

FBI Cyber Daily Digest Library

Stay current on the global threat landscape with the FBI’s daily circulation of published data breaches and articles.

  • Iranian Hackers Can Now Beat Encrypted Apps, Researchers Say

    • Iranian hackers, most likely employees or affiliates of the government, have been running a vast cyberespionage operation equipped with surveillance tools that can outsmart encrypted messaging systems — a capability Iran was not previously known to possess.
    • The hackers have successfully infiltrated what were thought to be secure mobile phones and computers belonging to the targets, overcoming obstacles created by encrypted applications such as Telegram and even gaining access to information on WhatsApp.
    - Ronen Bergman and Farnzaz Fassihi | September 18, 2020
  • Dunkin' Data Breach Settlement Paves the Way for More Suits

    • Under the New York settlement with Dunkin' Brands, which is the franchiser of 12,900 Dunkin' outlets and 8,000 Baskin-Robbins stores worldwide, the company must refund money to about 20,000 New York customers affected by a 2015 data breach and also pay $650,000 in fines.
    • The settlement requires Dunkin' to reset the password on any New York customer cards registered during the affected period and notify customers who are eligible for a refund for any fraudulent activity on their card resulting from the data breach.
    • Dunkin' must also maintain reasonable safeguards to protect against credential stuffing attacks.
    - Doug Olenick | September 17, 2020
  • Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

    • The U.S. Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies.
    • The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers.
    • One of the alleged hackers was first profiled here in 2012 as the owner of a Chinese antivirus firm.
    • After the indictments were filed prosecutors said they obtained warrants to seize websites, domains and servers associated with the group’s operations, effectively shutting them down and hindering their operations.
    - Brian Krebs | September 17, 2020
  • Cyber attacks threaten universities restarting in the UK

    • The UK’s cybersecurity agency NCSC has issued a warning to universities over the likelihood of cyberattacks as a new term starts
    • The alert follows a speight of ransomware attacks on top universities in the UK, US, and Canada
    • Attackers could leverage phishing scams, impersonating university officials
    - Mark Jones | September 17, 2020
  • You’re not as smart as you think you are: Phishing with Covid-19 as bait

    • Targeting people, instead of systems, is the fastest and most results-driven method of hacking. The reason for this is due to the Dunning-Kruger effect, a cognitive bias where people overestimate their knowledge or ability in a certain area.
    • In the case of network security, people overestimate their ability to gauge risky behavior online.
    • COVID-19 is a top-of-mind concern that sets the stage for an emotional response. It depends on the individual, but the odds of an emotional response are quite high.
    - Phil Trainor | September 16, 2020
  • Two Russians Charged in $17M Cryptocurrency Phishing Spree

    • The Justice Department unsealed indictments against Russian nationals Danil Potekhin and Dmitirii Karasavidi, alleging the duo was responsible for a sophisticated phishing and money laundering campaign that resulted in the theft of $16.8 million in cryptocurrencies and fiat money from victims.
    • Separately, the U.S. Treasury Department announced economic sanctions against Potekhin and Karasavidi, effectively freezing all property and interests of these persons (subject to U.S. jurisdiction) and making it a crime to transact with them.
    | September 16, 2020
  • Ransomware attack hits Newhall schools, halting online classes

    • A different sort of virus — ransomware — has taken down the computer system at the Newhall School District, forcing a shutdown of distance learning for some 6,000 elementary school students.
    • At about 7:30 a.m. Monday, the district shut down its servers and sent messages to parents via an emergency notification system and on Instagram that they should avoid the district website, downloads and even emails.
    • Pelzel informed parents that Monday would be treated as “a non-instructional day for all students” and that the district was working on a resolution.
    • Later that evening, the district used Instagram to announce a return to pencil, paper and textbook learning that included 180 minutes of activities for preschoolers and kindergartners, 230 minutes for first- through third-graders and 240 minutes for fourth- through sixth-graders.
    - Andrew J. Campa | September 15, 2020
  • Private Equity and Cybersecurity: A Guide to Preparing for and Responding to a Breach

    • Cybersecurity threats must be treated as business risks, not just a potential IT problem. Senior management at fund sponsors should take the lead to ensure that the sponsor is taking appropriate actions to protect itself against cyber risks.
    • Careful planning and preparation, including appropriate policies and procedures, is critical for the creation of an effective cybersecurity program.
    • The program should include a Cyber Risk Assessment and a Cyber Incident Response Plan.
    | September 15, 2020
  • Over 1 Million Patients and Donors Impacted by Inova Health System Data Breach

    • The aftermath of Blackbaud’s data breach continues to extend, with Inova Health System stepping forward as the latest victim of the ransomware incident announced by the US-based cloud computing provider in May 2020.
    • According to the US Department of Health and Human Services data breach portal, the incident affected the personal information of 1,045,270 donors and patients.
    • Following an internal investigation, Inova determined that the information potentially stolen during the attack may have included full names, addresses, dates of birth, phone numbers, provider names, date of service, hospital departments and donation history information.
    - Alina Bizga | September 14, 2020
  • Why The Garmin Data Breach Should Be A Wakeup Call For Every CEO

    • A real-life Russian hacker collective linked to a reported ransomware attack on GPS tracking firm Garmin in July that should have set alarm bells ringing in every corporate boardroom.
    • Garmin confirmed it had been the victim of a cyberattack that caused a days-long outage in late July, during which users worldwide were unable to upload their fitness data from the company’s sports devices. Garmin reportedly paid a sizable ransom to get its data back.
    • If reading about Garmin gave you a sense of anxiety about hidden legal and reputational risks to your own company, you’re probably right to be concerned.
    • Too often, CEOs don’t get to see and react to these threats until they’ve already become a crisis—a hack or even a corruption issue coming to light in a far-flung market.
    Chief Executive - Allan Matheson | September 14, 2020

San Diego Cyber Incident Response Guide

Learn more about San Diego’s region-wide cyber incident response guide and available local, state and federal resources.

San Diego Cyber Incident Response Guide October 2017