The Incidents page displays breaches associated with a company that may affect its SecurityScorecard score. Each entry represents a single breach event, supported by one or more sources that serve as evidence for the incident. The page is designed to help you quickly understand what happened, how confident SecurityScorecard is in the finding, and what impact the incident has on your company's score.
You can view this information for your own organization or for a vendor:
- Your organization: Go to My Organization > My Scorecard and select Incidents.
- A vendor: Go to Companies, select the company you want to review, and select Incidents.
Each incident in the list includes the following information:
Title and description
A summary of the incident and a brief description of what occurred, based on available source reporting.
Sources
The number of sources SecurityScorecard has identified for this incident. Sources are the records that support the breach finding. Select View Sources to see the full list.
Status
Indicates how well-substantiated the breach is. Status is assigned at the incident level, not per individual source. Breaches on this page are marked Confirmed, meaning they have been verified by the company's statement, a government or regulatory filing, or multiple reputable news sources.
Incident Date
The date the breach is believed to have occurred, based on available reporting.
Last Updated
The most recent date that SecurityScorecard updated information about this incident.
Type
Indicates who is directly responsible for the breach:
- First-Party - The breach originated within the company itself.
- Third-Party - The breach occurred due to a relationship with an external vendor or service provider. Even if the company denies direct responsibility, third-party breaches are included because companies bear responsibility for data exposed through their vendors.
Records Exposed
An estimate of the number of records compromised in the breach, when that information is available.
Score Impact
The effect this incident has on the company's SecurityScorecard score. A negative value indicates that the incident is reducing the score.
View breach sources
Selecting View Sources opens a panel listing all sources associated with that incident.
For each source, you can see:
- Source URL - A link to the original article or report
- Publish Date - When the source was published
- Source Type - Whether the source is an official statement (such as a government filing or company disclosure) or a news report
- Description - A brief excerpt or summary of the source content
Sources are presented as supporting evidence for the incident, not as separate, competing breach records. If new sources are added or an incident's status changes, the Last Updated date on the incident will be updated accordingly.
Automate breach notifications
To be notified whenever your organization or a vendor has had a breach reported, create a rule to automate relevant alerts.