Payment Card Fraud (CARD)
Fraud involving debit and credit cards that is not accomplished via hacking. For example, skimming devices at point-of-service terminals.
Hacking or Malware (HACK)
Hacked by outside party or infected by malware
Insider (INSD)
Insider (someone with legitimate access intentionally breaches information – such as an employee, contractor or customer)
Physical Loss (PHYS)
Includes paper documents that are lost, discarded or stolen (non electronic)
Portable Device (PORT)
Lost, discarded or stolen laptop, PDA, smartphone, memory stick, CDs, hard drive, data tape, etc.
Stationary Device (STAT)
Stationary computer loss (lost, inappropriately accessed, discarded or stolen computer or server not designed for mobility)
Unintended Disclosure (DISC)
Unintended disclosure (not involving hacking, intentional breach or physical loss – for example: sensitive information posted publicly, mishandled or sent to the wrong party via publishing online, sending in an email, sending in a mailing or sending via fax)
Unknown