Breach Guide

Learn the steps to take in the event of a data breach and stay current on the cyber threat landscape with the FTC’s Data Breach Resources, FBI’s Daily Digest Library and San Diego’s Cyber Incident Response Guide.

Federal Trade Commission (FTC) Data Breach Resources

Find out the steps to take as a business or consumer if you experience a data breach.

ftc-gov

FBI Cyber Daily Digest Library

Stay current on the global threat landscape with the FBI’s daily circulation of published data breaches and articles.

  • Why CISOs are highly valuable in crisis situations

    • Businesses encounter many types of crises in a lifetime, such as recessions, data breaches and global conflicts. While most people think of the CEO, CFO and board members as critical at these times, chief information security officers (CISOs) must be seen as integral in both security and business decisions.
    • People want to know that they can trust their CISO to take care of the company's valuable resources, and a good CISO understands this great responsibility requires a commensurate amount of time, effort and energy.
    IDG Connect - Steve Moore | May 15, 2020
  • Phishing scams use Fortnite to bait minors

    • Web sites promoting fraudulent Fortnite offers...
    • Fortnite is a popular video game and is being used by cybercriminals as an enticement to misappropriate user data.
    • On the face of it, it might appear that we have only been victims of a loss of time, because we haven’t provided any personal information (or received the prize).
    • However, this isn’t the case...
    - Ana Gomez Blanco | May 15, 2020
  • Fake Zoom Phishing Campaign Targets Employees for their Office 365 Credentials

    • A phishing campaign using a fake Zoom notification is targeting employees in an effort to steal Office 365 credentials, looking to trick people into entering their user names and passwords into a lookalike website.
    • Such phishing campaigns usually target employees for their remote access to the company’s infrastructure.
    • While such access was much less available before the pandemic, many more people have been granted access, and that only means a much larger surface attack area.
    - Silviu Stahie | May 14, 2020
  • Six Steps to Boost Email Security for Remote Employees

    • Exploiting the anxiety and lack of information around the coronavirus pandemic, phishing emails also take advantage of the fact that many people are working from home — far away from direct IT support, often distracted by family or household issues, and with an even higher than usual reliance on email.
    • These attacks often impersonate trusted government or international institutions. For example, the FBI warned people to be on the lookout for fake CDC emails and other coronavirus-related phishing attacks.
    | May 14, 2020
  • Security rising to the top of the pile for MSPs

    • Even before the coronavirus struck, managed service players were wrestling with the increasing security demands coming from their customers.
    • Antivirus and anti-malware was the most popular MSP product category in demand across Europe, the Middle East and Africa (EMEA), followed by backup technology.
    Computer Weekly - Simon Quicke | May 13, 2020
  • An Old Cyber-Scam Targets Mobile Devices

    • Even if your employees don’t have sensitive company or client data stored directly on their mobile devices, they can probably login to your company’s network via those devices. Hackers can grab that key information through a successful phishing attack.
    • Encourage clients to follow up on any suspicious communication that appears to be from your firm and get verbal confirmation from their representative.
    • In a remote services world, a quick conversation is phishing’s biggest enemy.
    ADVISOR PERSPECTIVE - Reid Johnston | May 13, 2020
  • Healthcare Giant Magellan Struck with Ransomware, Data Breach

    • The unauthorized actor gained access to Magellan’s systems after sending a phishing email on April 6 that impersonated a Magellan client.
    • We have taken a number of additional measures to further strengthen our security policies and protocols.
    • Magellan claims they are aggressively investigating this matter and will continue to provide updates to those impacted as the investigation continues.
    post - Tara Seals | May 13, 2020
  • 5 phishing attack methods every business should know in 2020

    • There was a time when the main tech-based worry for any business were viruses. Large companies spent thousands of dollars on antivirus software, while those that didn’t paid the price when one of their client machines became infected, crippling their infrastructure and effectively grinding the whole operation to a screeching halt.
    • Hackers' attempts are now easily thwarted by the use of web application firewalls (WAF) which can block malicious traffic and unauthorized requests sent to these devices.
    • This doesn’t mean that IT departments can rest on their laurels however...
    - Peter Davidson | May 12, 2020
  • Data Breaches from End-of-Life IT Devices: Not ‘If’ but ‘When’

    • The exponential rate at which data volume is growing has spawned nonstop cyber-activity intent on using this data for illegal purposes.
    • The danger couldn’t be more extreme – or more real: in today’s internet-dominated world, someone seeking to steal sensitive, confidential or proprietary data (e.g. personally identifiable information) no longer has to physically breach a facility.
    - Heidi Parthena White | May 12, 2020
  • Giant Food warns of potential data breach after credit card skimmer found on self-checkout

    • The grocery chain says that they learned on March 5 that an individual illegally placed a device that skims information from credit/debit cards at one of the self-check-outs.
    • After working with police and a forensic investigator, Giant says they are unable to say for sure whether any data was extracted from the device before it was found, however, no evidence was found that the extracted information was misused.
    WJLA - Elliott Henney | May 12, 2020

San Diego Cyber Incident Response Guide

Learn more about San Diego’s region-wide cyber incident response guide and available local, state and federal resources.

San Diego Cyber Incident Response Guide October 2017