Recent 10-Ks mentioning “cyber” incidents

Image credit: brixton

I’m on record as predicting greater disclosure by firms of actual hacking attempts (irrespective of materiality or “success”) in SEC-mandated disclosure filings.

Here’s an undoubtedly very incomplete list of recent such disclosures I put together last night. Many of these lack real details (they are what one colleague calls “non-disclosure disclosures”). Uncharacteristically, I take a somewhat less pessimistic view, and think things are moving in a positive direction. What we have is not what we will have, and it’s better than what we used to have (which was zero).

Anyway, here’s my little list.

Citi mentions DoS campaign, recent hacking attempts

Verisign notes actual attempts, previously disclosed 2011 incident

MetLife notes actual attempts

Bank of Hawaii notes actual attempts, including DoS attack

Amex notes increasingly sophisticated criminal methods aimed at obtaining cardholder information

Travelers notes actual attempts

NYT does the expected, acks state-sponsored cyber-attack in latest 10-K

Goldman Sachs acknowledges actual attempts

CME group acknowledges some successful attacks

BONY Mellon acknowledges actual attempts

JP Morgan Chase acknowledges actual attacks

Bank of America acknowledges actual attacks

Zions Bancorporation acknowledges attacks

Churchill Downs says it has been a hacking target

SunTrust acknowledges actual incidents acknowledges actual incident

Yelp acknowledges attempts

This entry was posted in SEC Project, Security. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s