Incidents & News is a searchable, chronological feed of publicly disclosed security incidents, such as data breaches, ransomware, and data exposures, and news that could be relevant to a security assessment of a vendor, like regulatory enforcement actions.
The feed is broken down into individual items that have a date, severity, type, impacted company, summary, and where applicable other related companies.
At the top of Incidents & News, you'll see three tabs that filter down results:
Incidents: Reported data breaches, outages due to adversarial actions, ransomware, data exposures, and natural disasters that affect service availability or quality.
News: Mergers, acquisitions, divestitures, and regulatory actions like fines or charges.
You and your vendors: Incidents and news related to you or your vendors.
Clicking into a row will bring up additional details about the item such as the number of records exposed, the cost, types of data exposed, threat actors, related articles, and more.
Severity is assessed relative to the impact for the company and entities that may have shared data with it in order to best inform a vendor risk management program. For example, a complete breach of data at a small law firm that your company uses would be of major concern to you, while its significance to the world at large would be minimal. Conversely, a massive collection of scraped Facebook data is considered headline news but likely requires no incident response from your company, and would be considered a lower severity incident relative to your organization.
When multiple companies are impacted by a breach, they will be linked as related companies. These relationships are used to model cases like the Accellion or SolarWinds breaches, where intrusion at one company is known to have resulted in data loss for other companies.
Incidents & News is a great complement to Identity Breaches as any breach is still important context to include in a risk assessment of a vendor regardless of whether it impacts your organization or not.
For background, Identity Breaches allows you to identify and notify employees who have had their credentials exposed in a third-party data breach. But not every breach impacts your organization nor do we have access to the details of every breach. Breaches that don't impact your organization or that we haven't identified your exposed credentials in will appear under Incidents & News rather than Identity Breaches.