Service disruptions through denial of service attacks

Unauthorized access to customer activity data

Vulnerabilities in the system leading to exploitation by attackers

Unauthorized access to user profile pictures

Hiding the incident from customers

Containing the incident

Eradicating the scope of the incident

Firing all employees involved with the breach

Virtual Challenge level

Ages and genders of customers

Latitude and Longitude of activity locations

Timestamp including date

location data allows tracking

A regular backup schedule is in place

Lack of encryption on user data

Contains personally identifiable information

Identifying assets

Testing for vulnerabilities

Monitoring and controlling systems

Limiting data access

Data in use

Data in the cloud

Data in transit

Data at rest