Breach Guide

Learn the steps to take in the event of a data breach and stay current on the cyber threat landscape with the FTC’s Data Breach Resources, FBI’s Daily Digest Library and San Diego’s Cyber Incident Response Guide.

Federal Trade Commission (FTC) Data Breach Resources

Find out the steps to take as a business or consumer if you experience a data breach.

ftc-gov

FBI Cyber Daily Digest Library

Stay current on the global threat landscape with the FBI’s daily circulation of published data breaches and articles.

  • The 13 Biggest Data Breaches of 2019 (So Far)

    Source: CRN
    By: Michael Novinson
    Published: July 16, 2019

    * Nearly 31 million records were exposed in the 13 biggest breaches in the first half of 2019, with 11 of the top 13 breaches occurring at medical or healthcare organizations.

  • Facebook's Libra is a terrorist's best friend, thunders US Treasury: Crypto-coins dubbed 'national security risk'

    Source: The Register
    By: Kieren McCarthy
    Published: July 15, 2019

    * The US Treasury Secretary today put a big dent into Facebook's Libra cryptocurrency plans, by claiming it would be a "national security risk," as well as a likely source of money laundering for - among others - terrorists.
    * Steven Mnuchin held a press conference to make sure his attack got wide coverage. In it, he criticized all cryptocurrencies for having "been exploited to support billions of dollars of illicit activity like cybercrime, tax evasion, extortion, ransomware, illicit drugs and human trafficking."

  • House passes bills to boost small business cybersecurity

    Source: The Hill
    By: Maggie Miller
    Published: July 15, 2019

    * The House passed legislation by voice vote on Monday intended to increase cybersecurity at the Small Business Administration (SBA) and separately approved a bill to help small businesses defend against cyber attacks.
    * The SBA Cyber Awareness Act, sponsored primarily by Rep. Jason Crow (D-Colo.), would require the SBA to produce an annual report to Congress that assesses the quality of its information technology, and that details any equipment used by the SBA that was manufactured in China.

  • Evite Invites Over 100 Million People to Their Data Breach

    Source: Bleeping Computer
    By: Lawrence Abrams
    Published: July 15, 2019

    * The data breach monitoring service Haveibeenpwned.com has added a database dump of almost 101 million Evite users who had their information exposed when attackers gained unauthorized access to their servers.
    * In May 2019, Evite posted a data incident notice that disclosed an unauthorized third-party had gained access to their servers starting on February 22, 2019 and were able to access member's personal data. No financial information or social security numbers, though, were part of the breach.

  • Hackers Demand $2 Million From Monroe

    Source: Inside Higher Ed
    By: Lindsay McKenzie
    Published: July 15, 2019

    * A cyberattack disabled many of Monroe College's technology systems and platforms last week. * Students and faculty and staff members were locked out of the college's website, learning management system and email, with hackers demanding payment of around $2 million in Bitcoin to restore access.

  • GE anesthesia machines can be exposed to hackers: DHS

    Source: FOX News
    By: Brooke Crothers
    Published: July 11, 2019

    * GE anesthesia machines are ripe for tampering, according to a new DHS advisory.
    * GE Healthcare is aware of the vulnerability, issuing a statement that says there is "potential ability to modify gas composition parameters...modify device time and silence alarms after the initial audible alarm," according to the GE Healthcare website.

  • Israel Cyber Body Issues Warning on AI Phishing Attack that Uses AI to Imitate Voices

    Source: News18
    By: IANS
    Published: July 11, 2019

    * In a warning, an Israeli cyber body has unearthed a new type of attack where hackers are using Artificial Intelligence (AI) technology to impersonate senior company executives.
    * The main innovation is the attacking software, which learns to mimic the voice of a person defined for it and makes a conversation with an employee on behalf of the Chief Executive Officer (CEO).

  • People 'have no clue' how much data Facebook and Google collect, antitrust advocate says

    Source: Yahoo! News
    By: Jon Ward
    Published: July 10, 2019

    * Facebook and Google have reached so far into the private lives of their users without their knowledge that they are committing "a fraud on the American people," said a prominent advocate of stricter government regulation for the tech giants.
    * "The amount of data that Facebook and Google are collecting about the average person is absolutely insane, massive, widespread, ubiquitous, and I think honestly, a fraud on the American people that the people don't understand that this is happening," said Sally Hubbard of the Open Markets Institute, an organization that advocates curbing the power of monopolies.

  • K12.com exposed 7 million student records for a week

    Source: Engadget
    By: AJ Dellinger
    Published: July 10, 2019

    * K12.com, an online education platform, inadvertently exposed the personal information of nearly seven million students, according to security researchers at Comparitech.
    * The exposed database contained full names, email addresses, birthdates and gender identities, as well as the school that the students attend, authentication keys for accessing their accounts and other internal data.

  • Arlington Investigating Cyber Attack on County Payroll System

    Source: ARLnow
    By: FNU LNU
    Published: July 10, 2019

    * In a statement, the county says a number of employees were impacted by the intrusion, but did not specify the exact number or impacts. The intrusion appears to be the result of a "phishing" email targeting county employees and not a hack, the press release suggests.
    * Arlington's cybersecurity division previously told ARLnow that it was staffing up and training county employees in light of the growing number of cyber attacks. The county budgeted $60,000 for the department to teach county employees how to avoid phishing emails, among other security best practices.


San Diego Cyber Incident Response Guide

Learn more about San Diego’s region-wide cyber incident response guide and available local, state and federal resources.

San Diego Cyber Incident Response Guide October 2017