Skip to main content
United States flag An official website of the United States government
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Appendix A: Examples of Substantial Incidents that Likely Would Qualify as Reportable Cyber Incidents

  • Ransomware attacks impacting critical systems or data.
  • Unauthorized access to an information system containing a substantial amount of sensitive member information.
  • Data breach exposing a substantial amount of employee personal identifiable information.
  • Distributed denial of service attack causing significant downtime.
  • Phishing attack resulting in successful installation of malware.
  • Theft or loss of unencrypted device containing sensitive information.
  • Compromise of online banking platform or mobile application.
  • Social engineering attack leading to fraudulent wire transfers.
  • Unauthorized alteration or destruction of financial data.
  • A computer hacking incident that disrupts a federally insured credit union’s operations.
  • Third-party notification to a federally insured credit union that the third party has experienced a breach of a credit union’s sensitive member information.
  • A detected, unauthorized intrusion into a network information system.
  • Discovery or identification of zero-day malware in a network or information system.
  • Internal breach or data theft by an insider.
  • Sensitive data exfiltrated outside of the federally insured credit union’s or a contracted third party in an unauthorized manner, such as through a flash drive or online storage account.
  • Member information compromised because of card skimming at a credit union’s ATM.
  • Misconfiguration of information system(s), such as application programming interfaces, databases, storage accounts, exposing a substantial amount of sensitive member information.
Last modified on