Sending incidents involving personal information leaks to NCIRCC
KUMA 2.1.x does not have a separate section with incident parameters for submitting information about personal information leaks to NCIRCC. Since such incidents do occur and a need exists to submit information to NCIRCC, use the following solution.
To submit incidents involving personal information leaks:
In the KUMA web interface, in the Incidents section, when creating an incident involving a personal information leak, in the Category field, select Notification about a computer incident.
In the Type field, select one of the options that involves submission of information about personal information leak:
Malware infection
Compromised user account
Unauthorized disclosure of information
Successful exploitation of a vulnerability
Event is not related to a computer attack
In the Description field, enter "The incident involves a leak of personal information. Please set the status to "More information required"".
After NCIRCC employees set the status to "More information required" and return the incident for further editing, in your NCIRCC account, you can provide additional information about the incident in the "Details of the personal information leak" section.