Sending incidents involving personal information leaks to NCIRCC

KUMA 2.1.x does not have a separate section with incident parameters for submitting information about personal information leaks to NCIRCC. Since such incidents do occur and a need exists to submit information to NCIRCC, use the following solution.

To submit incidents involving personal information leaks:

1. In the KUMA web interface, in the Incidents section, when creating an incident involving a personal information leak, in the Category field, select Notification about a computer incident.
2. In the Type field, select one of the options that involves submission of information about personal information leak:
   • Malware infection
   • Compromised user account
   • Unauthorized disclosure of information
   • Successful exploitation of a vulnerability
   • Event is not related to a computer attack
3. In the Description field, enter "The incident involves a leak of personal information. Please set the status to "More information required"".
4. Click Save.
5. Export the incident to NCIRCC.

After NCIRCC employees set the status to "More information required" and return the incident for further editing, in your NCIRCC account, you can provide additional information about the incident in the "Details of the personal information leak" section.