Breach Guide

Learn the steps to take in the event of a data breach and stay current on the cyber threat landscape with the FTC’s Data Breach Resources, FBI’s Daily Digest Library and San Diego’s Cyber Incident Response Guide.

Federal Trade Commission (FTC) Data Breach Resources

Find out the steps to take as a business or consumer if you experience a data breach.

ftc-gov

FBI Cyber Daily Digest Library

Stay current on the global threat landscape with the FBI’s daily circulation of published data breaches and articles.

  • Extent of Damage for State Farm Credential Stuffing Attack Still in Question

    Source: CPO Magazine
    By: Scott Ikeda
    Published: August 19, 2019

    * United States-based insurance giant State Farm recently mailed out a data breach notice to some of its customers. The description of the incident indicates that the company was hit with a credential stuffing attack, with an unknown amount of customer accounts compromised.
    * State Farm serves about 83 million households in the United States. The breach notification did not indicate how many of the company's customers were compromised.

  • First-Time Fine Imposed for GDPR Violations Involving Employee Data Breach

    Source: JD Supra
    By: FNU LNU
    Published: August 19, 2019

    * The Hellenic Data Protection Authority (HDPA) recently imposed a EUR 150,000 fine on the international consulting firm PwC for its violations of the new European data protection regulations (the General Data Protection Regulations, or GDPR).
    * One year after the entry into force of the GDPR, it was evident that the enforcement activity of privacy protection agencies around the world had been focused on companies' business doings. As a result, companies rarely invest resources in complying with the requirements of privacy protection laws in terms of their employees' data processing.

  • Rebuilding Your Brand's Reputation After A Cyber Attack

    Source: The Hack Post
    By: Munawar Gul
    Published: August 18, 2019

    * It is estimated that one cyber attack occurs every 39 seconds, with millions of records being stolen daily. * Negative feedback travels quickly online, so one thing you cannot afford to do if you receive a complaint, is to sit on your laurels. * See a security breach as the same as any other customer service, only far more serious.

  • 1 · Ransomware attack in Texas targets local government agencies

    Source: Engadget
    By: Jon Fingas
    Published: August 18, 2019

    * Ransomware attacks against local governments are still a clear problem, and Texas is discovering this first hand. * The state has revealed that 23 government entities reported a ransomware attack on the morning of August 16th.

  • How to address IoT security risks in the healthcare industry

    Source: Tahawultech.com By: Cyber Resilient Group 14August2019

    * There has been a surge in the number of cyber-attacks on the healthcare industry in the past five years affecting more than 100 million people worldwide such as Anthem medical, NHS-UK and last year Singapore government's health database.
    * IoT vulnerabilities are scanned by cybercriminals at a frenetic pace than ever before. As per one of the AT&T experts there has been a dramatic 458 percent increase in IoT vulnerability scans against devices.

  • A cybercriminal covered all his tracks-and then he verified his PayPal account

    Source: Quartz By: Justin Rohrlich 15August2019

    * At the beginning of May, a San Francisco-based tech firm called Scale AI contacted the FBI after discovering its internal computer network had been compromised. Roughly $40,000 had been drained out of its accounts, $140 at a time.
    * Law enforcement is under constant pressure to keep up with fast-changing technologies and the corresponding strategies hackers use to get past the latest safeguards and protections. Yet, with just about every aspect of modern life networked together in one way or another, it is extremely difficult to carry out a cybercrime today without leaving clues.
  • 700,000 Choice Hotels records leaked in data breach, ransom demanded

    Source: ZDNet By: Charlie Osborne 15August2019

    * 700,000 records belonging to Choice Hotels have reportedly been stolen with hackers demanding payment for their return.
    * According to Choice Hotels, the bulk of the records was only test information, including the payment card, password, and reservation fields; however, 700,000 records were genuine and contained information on guests such as names, email addresses, and phone numbers.
  • Energy Sector Phish Swims Past Microsoft Email Security via Google Drive

    Source: Threat Post
    By: Tara Seals
    Published: August 15, 2019

    * A targeted spearphishing campaign has hit an organization in the energy sector - after using a savvy trick to get around the company's Microsoft email security stack. * The email was legitimately sent by Google Drive to employees - but it had one big "tell" - the email address didn't fit the email naming convention of the targeted company. But most employees wouldn't take the time to check that...
  • 40 percent of children have connected with a stranger online, shocking survey reveals

    Source: FOX News By: Christopher Carbone 14August2019

    * In the survey, which was conducted by the Center for Cyber Safety and Education in partnership with Booz Allen Hamilton, researchers wanted to determine where kids use the internet without adult supervision, whether they've been taught the basics of internet safety, which websites and apps they visit or use, and what their interactions with strangers were like. * Of the 40 percent, the study found that more than half revealed their phone number to a stranger, one-fifth spoke with a stranger over the phone and 11 percent went as far as to meet a stranger in their own home, the stranger's home, a park, mall or restaurant.

  • US Cyber Command has publicly posted malware linked to a North Korea hacking group

    Source: TechCrunch
    By: Zack Whittaker
    Published: August 15, 2019

    * U.S. Cyber Command, the sister division of the National Security Agency focused on offensive hacking and security operations, has released a set of new samples of malware linked to North Korean hackers. * The military unit tweeted Wednesday that it had uploaded the malware to VirusTotal, a widely used database for malware and security research.

San Diego Cyber Incident Response Guide

Learn more about San Diego’s region-wide cyber incident response guide and available local, state and federal resources.

San Diego Cyber Incident Response Guide October 2017