FIRST fell victim to a data security breach in March 2017.
The exposed information included usernames names, email address, date of birth, and encrypted password.
Other personally identifiable, financial, or credit card information did not exposed.
To stop similar events from happening again and to safeguard the privacy of the FIRST community, FIRST was putting in place further security measures.
All participant passwords were reset out of an abundance of caution, despite the fact that the passwords were encrypted.
Source: https://www.databreaches.net/important-notification-of-data-breach-on-first-forums/
TPRM report: https://scoringcyber.rankiteo.com/company/first_2
"id": "fir23312722",
"linkid": "first_2",
"type": "Breach",
"date": "03/2017",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'name': 'FIRST', 'type': 'Organization'}],
'data_breach': {'data_encryption': ['encrypted passwords'],
'personally_identifiable_information': ['usernames',
'names',
'email addresses',
'dates of birth'],
'type_of_data_compromised': ['usernames',
'names',
'email addresses',
'dates of birth',
'encrypted passwords']},
'date_detected': 'March 2017',
'description': 'FIRST fell victim to a data security breach in March 2017. '
'The exposed information included usernames, names, email '
'addresses, dates of birth, and encrypted passwords. Other '
'personally identifiable, financial, or credit card '
'information was not exposed. FIRST implemented additional '
'security measures and reset all participant passwords out of '
'caution.',
'impact': {'data_compromised': ['usernames',
'names',
'email addresses',
'dates of birth',
'encrypted passwords']},
'post_incident_analysis': {'corrective_actions': ['Implemented additional '
'security measures']},
'response': {'remediation_measures': ['All participant passwords were reset']},
'title': 'FIRST Data Security Breach',
'type': 'Data Breach'}