Read a Breach Report
Deadline: May 16
Organizations that experience security breaches sometimes release public reports aimed at helping the wider security community understand what happened and hopefully learn from the experience. These reports are sadly not common, but they are very interesting and educational to read.
Steps
- Pick a data breach report to read. The following are good options, but you can pick any you like.
  - British Library - October 2023 breach
  - Troy Hunt’s write-up of the Disqus Data Breach
  - Heartland Payment Systems - August 2009 breach, written by the Federal Reserve Bank of Philadelphia
  - US FTC charges against Snapchat (Counts 1, 2, and 6) - technically this is a legal document, but it has lots of technical details.
  - A “Kill Chain” Analysis of the 2013 Target Data Breach, written by the USA Committee on Commerce, Science and Transportation
- Read the Executive Summary or Introduction and at least one other section.
- Optionally, you can search for the breach in the news if you are not already familiar with it.
- Complete the self-reflection questions.
Reflection questions
- State what data breach report you read.
- What attack was used in the breach?
- What did you learn about what attackers and/or defenders do during breaches?
Other things to read
- South West Thames Regional Health Authority, ‘Report of the Inquiry into the London Ambulance Service’ (1993)
  - Due to poor management of a software project, the City of London, England, was completely without ambulance service for a day. The write-up is the inquiry into how that happened.
- List of related documents