Hey everyone,

With only one new filing this week, I had some time to spend categorizing all the known incident filings to date and found some interesting data points. Nearly all of the filings have called out some level ‘Unauthorized Access’ across the filings companies infrastructure, network or services. This isn’t really a surprise given the nature of these filings being ‘material’ and attempted hacks/attacks aren’t worth reporting. Unsurprisingly, more than half of the filings reported service disruption to business operations, ranging from days to weeks (United Health is still recovering from an incident which began in February). Data exfiltration was the third most common category with eight incidents, half of which alluded to the loss of personally identifiable information (35M+ records impacted in VF Corp filing). Several filings alluded to a Nation State threat. Detecting and attributing nation state attacks requires a level of sophistication many companies don’t possess. Microsoft, Hewlett Packard and UnitedHealth Group have all claimed nation state involvement in their filings. It will be interesting to see how these attributions play out in the future, especially among smaller companies.

Lastly, these categories are not associated with the official filings but gleaned from their contents. I have not classified attacks like ransomware unless they’re directly mentioned in the filing even if alleged externally.

8-K Filings categorized by Risk/Threat

This Weeks Filings

Thanks for reading,
Matt