HHS Cybersecurity Incident Reports
Transcript of HHS Cybersecurity Incident Reports
-
7/24/2019 HHS Cybersecurity Incident Reports
1/133
Caveats:
1
2
3
-
7/24/2019 HHS Cybersecurity Incident Reports
2/133
From 1 January 2013 until 30 June 2015, the Department of Health and Human Servies ate!oinidents usin! Cate!ories, as de#ned in the $%S& Speial 'u(liation )00*+1, rev1 - list of theate!ories an (e found on the .eferenes ta( of this spreadsheet
/e!innin! 1 July 2015, HHS onverted from the le!ay Cate!ory system to the %mpat Classi#system de#ned in $%S& S')00*+1, rev2 and epanded at https:us*ert!ovinident*not!uidelines4 %mpat Classi#ations onsist of a four*fator matri that provides a more desriptiof the impat of an inident on the Department
%nidents that ere reated durin! the transition phase from Cate!ories to %mpat Classi#ationdual*oded &hese inidents are reported herein usin! only the oial reportin! mehanism, todupliate or etraneous reportin!
&he 6uantity provided represents the num(er of doumented inidents that math the de#nin!preedin! the value on that ro %t should (e assumed that if a possi(le tuple is not present, ththat month is "ero
&he earliest month availa(le ith omplete data is January 2013, due to doument retention pDoument retention for inident data is (ased on 7eneral .eords Shedule 28, item 9http:arhives!ovreords*m!mt!rs!rs28html4 &his item states that omputer seurithandlin! reords are to (e (d)estroyed/deleted 3 years after all necessary follow-up actions hacompleted. See the %mplementation -id at the (ottom of the e(site pa!e for additional lari#
-
7/24/2019 HHS Cybersecurity Incident Reports
3/133
HHS ;perational Divisions
;'D%< Full $ame
ACF Administration for Children and Families
AoA Administration on Aging
CDC Centers for Disease Control and Prevention
CMS Centers for Medicare and Medicaid Services
CSIRC Computer Security Incident Response Center
FDA Food and Drug Administration
IHS Indian Health Services
ITIO Office of the Secretary
NIH National Institutes of Health
OIG Office of Inspector General
OS Office of the Secretary
PSC Program Support Center
TIC Trusted Internet Connection
-
7/24/2019 HHS Cybersecurity Incident Reports
4/133
-
7/24/2019 HHS Cybersecurity Incident Reports
5/133
%nident Cate!ories
Cate!ories Funtional %mpat
Category 00 - Network Testing High
Category 01 - Unauthorized Access Medium
Category 02 - Denial of Service Low
Category 03 - Malicious Code None
Category 04 - Inappropriate Usage
%nformation %mpat
Category 06 - Investigation Classified
Category 99 - Non-Incident Proprietary
Privacy
Integrity
None
.eovera(ility
Not Recoverable
Extended
Supplemented
Regular
Not Applicable
&hreat
-
7/24/2019 HHS Cybersecurity Incident Reports
6/133
Other
-
7/24/2019 HHS Cybersecurity Incident Reports
7/133
%mpat Classi#ations
Desription
Organization has lost the ability to provide all critical services to all system users.
Organization has lost the ability to provide a critical service to a subset of system users.
Organization has experienced a loss of efficiency, but can still provide all critical services to all users with mi
Organization has experienced no loss in ability to provide all services to all users.
Desription
The confidentiality of classified information was compromised.
The confidentiality of unclassified proprietary information, such as Protected Critical Infrastructure Informatio
The confidentiality of PII or PHI was compromised.
The necessary integrity of information was modified without authorization.
No information was exfiltrated, modified, deleted, or otherwise compromised.
Desription
Recovery from the incident is not possible (e.g., data exfiltrated and posted publicly)
Time to recovery is unpredictable; additional resources and outside help needed
Time to recovery is predictable with additional resources
Time to recovery is predictable with existing resources
Incident does not require recovery
Desription
Cause of attack is unidentified
Brute force methods to compromise or degrade systems/services
Attack executed from a website or web-based application
Attack executed via an email message or attachment
Attack executed from removable media or a peripheral device
Attack involving replacement of legitimate content/services with a malicious substitute
Incident involving a violation of acceptable use policies by a legitimate user
Loss or theft of the organization's computing device(s) or media
-
7/24/2019 HHS Cybersecurity Incident Reports
8/133
An attack that does not fit into any other vector
-
7/24/2019 HHS Cybersecurity Incident Reports
9/133
;'D%< Cate!ory 6uantity
CDC Category 06 - Investigation 1
CDC Category 04 - Inappropriate Usage 3
CDC Category 01 - Unauthorized Access 31
CDC 13
CDC Category 03 - Malicious Code 58
CMS Category 99 - Non-Incident 9
CMS Category 03 - Malicious Code 3
CMS Category 01 - Unauthorized Access 73
CMS Category 04 - Inappropriate Usage 7
CMS Category 02 - Denial of Service 1
FDA Category 01 - Unauthorized Access 26
FDA 3
Category 05 - Scans, Probes and
Attempted Access
Category 05 - Scans, Probes and
Attempted Access
-
7/24/2019 HHS Cybersecurity Incident Reports
10/133
HRSA 1
HRSA Category 01 - Unauthorized Access 1
HRSA Category 03 - Malicious Code 1
IHS Category 04 - Inappropriate Usage 2
IHS Category 01 - Unauthorized Access 15
IHS Category 03 - Malicious Code 5
ITIO Category 03 - Malicious Code 1
NIH 61
NIH Category 01 - Unauthorized Access 58
NIH Category 03 - Malicious Code 33
NIH Category 04 - Inappropriate Usage 48
OIG Category 01 - Unauthorized Access 2
OS Category 04 - Inappropriate Usage 7
OS Category 99 - Non-Incident 4
OS Category 03 - Malicious Code 1
OS Category 01 - Unauthorized Access 1
Category 05 - Scans, Probes and
Attempted Access
Category 05 - Scans, Probes and
Attempted Access
-
7/24/2019 HHS Cybersecurity Incident Reports
11/133
;'D%< Cate!ory 6uantity
CDC Category 99 - Non-Incident 1
CDC 19
CDC 21
CDC Category 06 - Investigation 1
CDC Category 03 - Malicious Code 71
CMS Category 06 - Investigation 1
CMS 22
CMS Category 99 - Non-Incident 68
CMS 315
CMS 1
CMS Category 03 - Malicious Code 11
Category 05 - Scans, Probes
and Attempted Access
Category 01 - Unauthorized
Access
Category 04 - Inappropriate
Usage
Category 01 - Unauthorized
Access
Category 05 - Scans, Probes
and Attempted Access
-
7/24/2019 HHS Cybersecurity Incident Reports
12/133
CSIRC 1
FDA 4
FDA Category 99 - Non-Incident 1
FDA 14
FDA Category 03 - Malicious Code 2
HRSA 1
HRSA 1
IHS 1
IHS 11
IHS 6
IHS Category 03 - Malicious Code 16
NIH Category 03 - Malicious Code 110
NIH Category 99 - Non-Incident 2
NIH 37
NIH 46
NIH 62
OIG 2
OIG 4
OS Category 06 - Investigation 1
OS 1
OS Category 99 - Non-Incident 1
Category 05 - Scans, Probes
and Attempted Access
Category 05 - Scans, Probes
and Attempted Access
Category 01 - Unauthorized
Access
Category 05 - Scans, Probes
and Attempted Access
Category 01 - Unauthorized
Access
Category 05 - Scans, Probes
and Attempted Access
Category 01 - Unauthorized
AccessCategory 04 - Inappropriate
Usage
Category 04 - Inappropriate
UsageCategory 01 - Unauthorized
Access
Category 05 - Scans, Probes
and Attempted Access
Category 04 - Inappropriate
UsageCategory 01 - Unauthorized
Access
Category 04 - Inappropriate
Usage
-
7/24/2019 HHS Cybersecurity Incident Reports
13/133
OS 1
PSC 1
SAMHSA 1
Category 05 - Scans, Probes
and Attempted Access
Category 01 - Unauthorized
AccessCategory 01 - Unauthorized
Access
-
7/24/2019 HHS Cybersecurity Incident Reports
14/133
;'D%< Cate!ory 6uantity
CDC 32
CDC 39
CDC Category 99 - Non-Incident 11
CDC 88
CMS 262
CMS Category 06 - Investigation 3
CMS 1
CMS Category 99 - Non-Incident 58
CMS 10
FDA 7
FDA 4
Category 05 - Scans, Probes
and Attempted Access
Category 01 - Unauthorized
Access
Category 03 - Malicious
Code
Category 01 - Unauthorized
Access
Category 03 - Malicious
Code
Category 04 - Inappropriate
Usage
Category 01 - Unauthorized
Access
Category 05 - Scans, Probes
and Attempted Access
-
7/24/2019 HHS Cybersecurity Incident Reports
15/133
FDA 2
FDA 1
HRSA 1
IHS Category 99 - Non-Incident 4
IHS 7
IHS 49
IHS 14
ITIO 3
ITIO Category 06 - Investigation 1
NIH 91
NIH 70
NIH Category 99 - Non-Incident 5
NIH 62
NIH 44
OIG 1
OS Category 99 - Non-Incident 3
OS 4
OS 3
OS Category 06 - Investigation 1
OS 1
PSC 3
Category 03 - Malicious
CodeCategory 04 - Inappropriate
Usage
Category 01 - Unauthorized
Access
Category 01 - Unauthorized
Access
Category 03 - Malicious
CodeCategory 04 - Inappropriate
UsageCategory 03 - Malicious
Code
Category 05 - Scans, Probes
and Attempted Access
Category 03 - Malicious
Code
Category 04 - Inappropriate
Usage
Category 01 - Unauthorized
Access
Category 04 - Inappropriate
Usage
Category 04 - Inappropriate
Usage
Category 01 - UnauthorizedAccess
Category 03 - Malicious
CodeCategory 04 - Inappropriate
Usage
-
7/24/2019 HHS Cybersecurity Incident Reports
16/133
PSC 1Category 05 - Scans, Probes
and Attempted Access
-
7/24/2019 HHS Cybersecurity Incident Reports
17/133
;'D%< Cate!ory 6uantity
ACF 2
CDC 11
CDC 67
CDC 1
CDC 1
CDC 33
CMS 1
CMS 7
CMS 8
CMS 10
CMS 60
CMS 275
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
Code
Category 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 01 -Unauthorized Access
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
CodeCategory 06 -
Investigation
Category 04 -Inappropriate Usage
Category 99 - Non-
Incident
Category 01 -
Unauthorized Access
-
7/24/2019 HHS Cybersecurity Incident Reports
18/133
FDA 4
FDA 2
FDA 12
FDA 3
HHS 1
HRSA 1
IHS 1
IHS 28
IHS 3
IHS 16
IHS 4
ITIO 5
NIH 22
NIH 104
NIH 59
NIH 76
NIH 83
OS 1
Category 05 - Scans,
Probes and Attempted
Access
Category 99 - Non-
Incident
Category 01 -Unauthorized Access
Category 03 - Malicious
CodeCategory 99 - Non-
Incident
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and Attempted
Access
Category 01 -
Unauthorized Access
Category 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 03 - MaliciousCodeCategory 03 - Malicious
CodeCategory 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
CodeCategory 06 -
Investigation
-
7/24/2019 HHS Cybersecurity Incident Reports
19/133
OS 3
OS 1
OS 1
Category 04 -
Inappropriate Usage
Category 05 - Scans,
Probes and Attempted
Access
Category 01 -
Unauthorized Access
-
7/24/2019 HHS Cybersecurity Incident Reports
20/133
;'D%< Cate!ory 6uantity
CDC Category 06 - Investigation 2
CDC 1
CDC 54
CDC Category 99 - Non-Incident 9
CDC 29
CDC 63
CMS 1
CMS Category 06 - Investigation 9
CMS 6
CMS Category 99 - Non-Incident 392
Category 04 - Inappropriate
Usage
Category 01 - Unauthorized
Access
Category 05 - Scans, Probes
and Attempted Access
Category 03 - Malicious
Code
Category 05 - Scans, Probes
and Attempted Access
Category 03 - Malicious
Code
-
7/24/2019 HHS Cybersecurity Incident Reports
21/133
CMS 11
CMS 306
FDA 19
FDA 11
FDA Category 99 - Non-Incident 3
FDA 3
HRSA 3
IHS 16
IHS Category 99 - Non-Incident 2
IHS 9
IHS 18
IHS 2
ITIO 1
NIH Category 99 - Non-Incident 29
NIH 99
NIH 61
NIH 86
NIH 65
OIG 1
Category 04 - Inappropriate
Usage
Category 01 - Unauthorized
Access
Category 01 - Unauthorized
Access
Category 03 - Malicious
Code
Category 05 - Scans, Probes
and Attempted Access
Category 01 - Unauthorized
Access
Category 03 - Malicious
Code
Category 04 - Inappropriate
Usage
Category 01 - Unauthorized
Access
Category 05 - Scans, Probesand Attempted Access
Category 01 - Unauthorized
Access
Category 04 - Inappropriate
Usage
Category 01 - Unauthorized
Access
Category 05 - Scans, Probes
and Attempted Access
Category 03 - Malicious
Code
Category 01 - Unauthorized
Access
-
7/24/2019 HHS Cybersecurity Incident Reports
22/133
OIG 1
OS Category 06 - Investigation 1
OS 1
OS 1
PSC 4
PSC Category 99 - Non-Incident 1
PSC 2
Category 04 - Inappropriate
Usage
Category 01 - Unauthorized
Access
Category 04 - Inappropriate
UsageCategory 04 - Inappropriate
Usage
Category 01 - Unauthorized
Access
-
7/24/2019 HHS Cybersecurity Incident Reports
23/133
;'D%< Cate!ory 6uantity
CDC 8
CDC 2
CDC 20
CDC 50
CDC 77
CMS 15
CMS 233
CMS 1
CMS 2
CMS 873
CSIRC 1
FDA 1
FDA 4
Category 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
Code
Category 04 -Inappropriate Usage
Category 01 -
Unauthorized Access
Category 06 -
InvestigationCategory 03 - Malicious
CodeCategory 99 - Non-
IncidentCategory 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
-
7/24/2019 HHS Cybersecurity Incident Reports
24/133
FDA 7
FDA 8
HHS 1
HRSA 1
HRSA 1
IHS 8
IHS 28
IHS 10
IHS 1
ITIO 1
NIH 1
NIH 61
NIH 53
NIH 50
NIH 29
NIH 75
OCR 1
OIG 1
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
Code
Category 99 - Non-Incident
Category 01 -
Unauthorized Access
Category 06 -
Investigation
Category 01 -
Unauthorized Access
Category 04 -
Inappropriate Usage
Category 03 - Malicious
Code
Category 05 - Scans,
Probes and Attempted
Access
Category 99 - Non-
IncidentCategory 02 - Denial of
Service
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
Code
Category 01 -
Unauthorized Access
Category 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 99 - Non-
Incident
-
7/24/2019 HHS Cybersecurity Incident Reports
25/133
OIG 1
OIG 2
OS 5
OS 3
OS 1
OS 1
PSC 1
PSC 1
PSC 3
SAMHSA 1
Category 01 -
Unauthorized Access
Category 04 -
Inappropriate Usage
Category 99 - Non-Incident
Category 01 -
Unauthorized Access
Category 04 -
Inappropriate Usage
Category 06 -
Investigation
Category 05 - Scans,
Probes and Attempted
Access
Category 99 - Non-
Incident
Category 01 -
Unauthorized Access
Category 01 -
Unauthorized Access
-
7/24/2019 HHS Cybersecurity Incident Reports
26/133
;'D%< Cate!ory 6uantity
ACF 1
AHRQ 1
CDC 32
CDC 4
CDC 21
CDC 34
CMS 1
CMS 8
CMS 280
CMS 227
CMS 2
FDA 1
Category 04 -
Inappropriate Usage
Category 06 -
Investigation
Category 05 - Scans,
Probes and Attempted
Access
Category 99 - Non-
Incident
Category 01 -
Unauthorized Access
Category 03 - Malicious
CodeCategory 03 - Malicious
Code
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 99 - Non-
IncidentCategory 05 - Scans,
Probes and Attempted
Access
Category 04 -
Inappropriate Usage
-
7/24/2019 HHS Cybersecurity Incident Reports
27/133
FDA 12
FDA 10
FDA 23
FDA 5
IHS 6
IHS 18
IHS 1
IHS 1
IHS 2
ITIO 2
ITIO 1
NIH 42
NIH 27
NIH 93
NIH 42
NIH 88
OIG 1
OIG 1
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
CodeCategory 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 99 - Non-IncidentCategory 06 -
InvestigationCategory 03 - Malicious
CodeCategory 99 - Non-
IncidentCategory 03 - Malicious
CodeCategory 03 - Malicious
CodeCategory 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and AttemptedAccess
Category 05 - Scans,
Probes and Attempted
Access
Category 06 -
Investigation
-
7/24/2019 HHS Cybersecurity Incident Reports
28/133
OIG 1
OS 3
OS 4
OS 3
OS 2
OS 1
PSC 1
PSC 3
Category 04 -
Inappropriate Usage
Category 06 -
Investigation
Category 04 -
Inappropriate Usage
Category 99 - Non-
Incident
Category 05 - Scans,
Probes and Attempted
Access
Category 01 -
Unauthorized Access
Category 01 -
Unauthorized Access
Category 04 -
Inappropriate Usage
-
7/24/2019 HHS Cybersecurity Incident Reports
29/133
;'D%< Cate!ory 6uantity
ACF 1
ACF 1
ACF 1
ACF 1
CDC 12
CDC 1
CDC 188
CDC 2
CDC 31
CDC 58
CMS 8
CMS 21
CMS 86
Category 03 -
Malicious Code
Category 00 - NetworkTesting
Category 99 - Non-
Incident
Category 01 -
Unauthorized Access
Category 01 -
Unauthorized Access
Category 06 -
Investigation
Category 04 -Inappropriate Usage
Category 99 - Non-
Incident
Category 05 - Scans,
Probes and Attempted
Access
Category 03 -
Malicious CodeCategory 06 -
Investigation
Category 04 -
Inappropriate Usage
Category 99 - Non-
Incident
-
7/24/2019 HHS Cybersecurity Incident Reports
30/133
CMS 3
CMS 306
FDA 28
FDA 10
FDA 2
FDA 37
FDA 1
FDA 1
HRSA 2
HRSA 1
IHS 2
IHS 8
IHS 2
IHS 17
IHS 6
ITIO 3
ITIO 3
Category 05 - Scans,
Probes and Attempted
Access
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and Attempted
Access
Category 03 -
Malicious CodeCategory 99 - Non-
Incident
Category 01 -
Unauthorized Access
Category 04 -
Inappropriate Usage
Category 02 - Denial of
Service
Category 03 -
Malicious Code
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and Attempted
Access
Category 03 -
Malicious CodeCategory 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 03 -
Malicious Code
Category 01 -
Unauthorized Access
-
7/24/2019 HHS Cybersecurity Incident Reports
31/133
ITIO 3
NIH 90
NIH 24
NIH 95
NIH 53
NIH 22
OIG 1
OIG 3
OIG 2
OS 3
OS 1
OS 2
OS 1
PSC 5
PSC 1
Category 05 - Scans,
Probes and Attempted
Access
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and Attempted
Access
Category 03 -
Malicious CodeCategory 99 - Non-
Incident
Category 05 - Scans,
Probes and Attempted
Access
Category 01 -
Unauthorized Access
Category 04 -
Inappropriate Usage
Category 99 - Non-Incident
Category 02 - Denial of
Service
Category 01 -
Unauthorized Access
Category 06 -
Investigation
Category 04 -Inappropriate Usage
Category 01 -
Unauthorized Access
-
7/24/2019 HHS Cybersecurity Incident Reports
32/133
;'D%< Cate!ory 6uantity
ACF 1
ACF 2
ACF 1
CDC 1
CDC 2
CDC 19
CDC 11
CDC 2
CDC 72
CMS 3
CMS 2
CMS 323
Category 99 - Non-
Incident
Category 01 -
Unauthorized Access
Category 06 -
Investigation
Category 02 - Denial of
Service
Category 99 - Non-
Incident
Category 05 - Scans,
Probes and Attempted
Access
Category 01 -
Unauthorized Access
Category 06 -
InvestigationCategory 03 - Malicious
Code
Category 05 - Scans,
Probes and AttemptedAccess
Category 03 - Malicious
Code
Category 01 -
Unauthorized Access
-
7/24/2019 HHS Cybersecurity Incident Reports
33/133
CMS 56
CMS 14
FDA 2
FDA 19
FDA 1
FDA 1
FDA 1
FDA 14
FDA 10
HRSA 3
HRSA 1
HRSA 1
HRSA 1
IHS 1
IHS 4
IHS 1
IHS 14
IHS 13
ITIO 1
Category 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 06 -
InvestigationCategory 01 -
Unauthorized Access
Category 04 -
Inappropriate Usage
Category 02 - Denial of
ServiceCategory 99 - Non-
Incident
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
Code
Category 01 -
Unauthorized Access
Category 99 - Non-
Incident
Category 03 - MaliciousCodeCategory 06 -
InvestigationCategory 06 -
InvestigationCategory 03 - Malicious
CodeCategory 99 - Non-
Incident
Category 04 -Inappropriate Usage
Category 01 -
Unauthorized Access
Category 04 -
Inappropriate Usage
-
7/24/2019 HHS Cybersecurity Incident Reports
34/133
ITIO 2
ITIO 2
NIH 33
NIH 1
NIH 83
NIH 30
NIH 21
NIH 71
OS 1
OS 1
OS 1
OS 4
PSC 2
PSC 1
PSC 1
Category 99 - Non-
IncidentCategory 03 - Malicious
Code
Category 01 -
Unauthorized Access
Category 06 -
Investigation
Category 04 -
Inappropriate Usage
Category 03 - Malicious
CodeCategory 99 - Non-
Incident
Category 05 - Scans,
Probes and Attempted
Access
Category 01 -
Unauthorized Access
Category 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 06 -Investigation
Category 04 -
Inappropriate Usage
Category 06 -
Investigation
Category 01 -
Unauthorized Access
-
7/24/2019 HHS Cybersecurity Incident Reports
35/133
;'D%< Cate!ory 6uantity
CDC 2
CDC 12
CDC 6
CDC 54
CMS 365
CMS 2
CMS 2
CMS 127
CMS 51
FDA 7
FDA 10
FDA 13
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and Attempted
Access
Category 03 -
Malicious Code
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and Attempted
Access
Category 03 -
Malicious CodeCategory 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 99 - Non-
Incident
Category 01 -
Unauthorized Access
Category 03 -
Malicious Code
-
7/24/2019 HHS Cybersecurity Incident Reports
36/133
FDA 16
HRSA 1
IHS 2
IHS 1
IHS 6
IHS 7
IHS 1
IHS 5
ITIO 6
NIH 28
NIH 22
NIH 17
NIH 58
NIH 20
OIG 1
OS 3
OS 1
Category 05 - Scans,
Probes and Attempted
Access
Category 99 - Non-
Incident
Category 05 - Scans,Probes and Attempted
Access
Category 03 -
Malicious CodeCategory 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 02 - Denial
of Service
Category 01 -
Unauthorized Access
Category 03 -
Malicious Code
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 99 - Non-
Incident
Category 05 - Scans,
Probes and Attempted
Access
Category 03 -
Malicious Code
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 03 -
Malicious Code
-
7/24/2019 HHS Cybersecurity Incident Reports
37/133
PSC 1
SAMHSA 1
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
-
7/24/2019 HHS Cybersecurity Incident Reports
38/133
;'D%< Cate!ory 6uantity
ACF 1
CDC 3
CDC 55
CDC 39
CDC 16
CMS 28
CMS 309
CMS 111
CMS 3
FDA 1
FDA 23
FDA 30
Category 01 -
Unauthorized Access
Category 99 - Non-
Incident
Category 03 - Malicious
Code
Category 05 - Scans,
Probes and Attempted
Access
Category 01 -
Unauthorized Access
Category 04 -Inappropriate Usage
Category 01 -
Unauthorized Access
Category 99 - Non-
IncidentCategory 03 - Malicious
CodeCategory 99 - Non-
IncidentCategory 01 -
Unauthorized Access
Category 03 - Malicious
Code
-
7/24/2019 HHS Cybersecurity Incident Reports
39/133
FDA 12
HRSA 3
HRSA 2
HRSA 2
IHS 18
IHS 9
IHS 1
ITIO 2
ITIO 1
ITIO 18
NIH 23
NIH 90
NIH 22
NIH 22
NIH 21
OS 1
OS 1
OS 1
Category 05 - Scans,
Probes and Attempted
Access
Category 01 -
Unauthorized Access
Category 99 - Non-
IncidentCategory 03 - Malicious
Code
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 03 - MaliciousCodeCategory 99 - Non-
Incident
Category 01 -
Unauthorized Access
Category 03 - Malicious
CodeCategory 03 - Malicious
Code
Category 05 - Scans,
Probes and Attempted
Access
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 99 - Non-
Incident
-
7/24/2019 HHS Cybersecurity Incident Reports
40/133
OS 1
PSC 1
PSC 1
TIC 1
Category 03 - Malicious
CodeCategory 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 99 - Non-
Incident
-
7/24/2019 HHS Cybersecurity Incident Reports
41/133
;'D%< Cate!ory 6uantity
ACF Category 99 - Non-Incident 1
ACF 1
ACF 2
AHRQ 1
AoA 1
AoA 1
CDC 34
CDC 29
CDC 2
CDC 20
CMS 2
CMS Category 99 - Non-Incident 95
CMS 24
Category 01 - Unauthorized
Access
Category 04 - Inappropriate
Usage
Category 04 - Inappropriate
Usage
Category 01 - Unauthorized
Access
Category 04 - Inappropriate
Usage
Category 05 - Scans, Probes
and Attempted Access
Category 03 - Malicious
CodeCategory 04 - Inappropriate
Usage
Category 01 - Unauthorized
Access
Category 03 - Malicious
Code
Category 04 - Inappropriate
Usage
-
7/24/2019 HHS Cybersecurity Incident Reports
42/133
CMS 249
CMS 1
FDA Category 99 - Non-Incident 5
FDA 3
FDA 14
FDA 9
FDA 11
HRSA 4
HRSA 3
IHS 2
IHS 3
IHS Category 99 - Non-Incident 5
IHS 13
IHS 6
ITIO Category 99 - Non-Incident 1
ITIO 13
ITIO 4
ITIO 1
NIH 32
NIH Category 99 - Non-Incident 26
Category 01 - Unauthorized
Access
Category 05 - Scans, Probes
and Attempted Access
Category 04 - Inappropriate
Usage
Category 01 - Unauthorized
Access
Category 05 - Scans, Probes
and Attempted Access
Category 03 - Malicious
Code
Category 01 - Unauthorized
Access
Category 03 - Malicious
Code
Category 05 - Scans, Probes
and Attempted Access
Category 03 - Malicious
Code
Category 04 - Inappropriate
Usage
Category 01 - Unauthorized
Access
Category 03 - Malicious
CodeCategory 04 - Inappropriate
UsageCategory 00 - Network
TestingCategory 03 - Malicious
Code
-
7/24/2019 HHS Cybersecurity Incident Reports
43/133
NIH 34
NIH 34
NIH 1
NIH 64
OIG 1
OS 1
OS 1
OS Category 99 - Non-Incident 1
OS 3
PSC Category 99 - Non-Incident 1
PSC 2
SAMHSA 1
Category 01 - Unauthorized
Access
Category 04 - Inappropriate
UsageCategory 02 - Denial of
ServiceCategory 05 - Scans, Probes
and Attempted Access
Category 01 - Unauthorized
Access
Category 05 - Scans, Probes
and Attempted Access
Category 02 - Denial of
Service
Category 04 - Inappropriate
Usage
Category 04 - Inappropriate
UsageCategory 04 - Inappropriate
Usage
-
7/24/2019 HHS Cybersecurity Incident Reports
44/133
;'D%< Cate!ory 6uantity
CDC 9
CDC 29
CDC Category 99 - Non-Incident 6
CDC 1
CDC 16
CMS Category 99 - Non-Incident 75
CMS 16
CMS 1
CMS 1
CMS 4
CMS 316
FDA 15
FDA 2
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
Code
Category 04 - Inappropriate
Usage
Category 01 - Unauthorized
Access
Category 04 - Inappropriate
UsageCategory 02 - Denial of
ServiceCategory 05 - Scans,
Probes and Attempted
AccessCategory 03 - Malicious
Code
Category 01 - UnauthorizedAccess
Category 05 - Scans,
Probes and Attempted
AccessCategory 04 - Inappropriate
Usage
-
7/24/2019 HHS Cybersecurity Incident Reports
45/133
FDA 13
FDA Category 99 - Non-Incident 4
FDA 16
HRSA Category 99 - Non-Incident 2
HRSA 3
HRSA 1
IHS 5
IHS 3
IHS 4
IHS Category 99 - Non-Incident 3
IHS 9
ITIO 29
ITIO Category 99 - Non-Incident 1
ITIO 1
ITIO 2
NIH Category 99 - Non-Incident 40
NIH 41
NIH 1
NIH 98
NIH 28
Category 01 - Unauthorized
Access
Category 03 - Malicious
Code
Category 01 - Unauthorized
Access
Category 04 - Inappropriate
Usage
Category 01 - Unauthorized
Access
Category 05 - Scans,Probes and Attempted
AccessCategory 03 - Malicious
Code
Category 04 - Inappropriate
UsageCategory 03 - Malicious
Code
Category 04 - Inappropriate
UsageCategory 05 - Scans,
Probes and Attempted
Access
Category 04 - Inappropriate
UsageCategory 02 - Denial of
ServiceCategory 05 - Scans,
Probes and Attempted
Access
Category 01 - Unauthorized
Access
-
7/24/2019 HHS Cybersecurity Incident Reports
46/133
-
7/24/2019 HHS Cybersecurity Incident Reports
47/133
;'D%< Cate!ory 6uantity
ACF 1
AHRQ Category 99 - Non-Incident 1
CDC 10
CDC 15
CDC 27
CDC Category 99 - Non-Incident 4
CMS 28
CMS 304
CMS Category 99 - Non-Incident 350
CMS 14
CMS 2
CSIRC Category 99 - Non-Incident 1
FDA 1
Category 01 - Unauthorized
Access
Category 05 - Scans, Probes
and Attempted Access
Category 01 - Unauthorized
Access
Category 03 - Malicious
Code
Category 04 - Inappropriate
Usage
Category 01 - Unauthorized
Access
Category 05 - Scans, Probes
and Attempted Access
Category 03 - Malicious
Code
Category 04 - Inappropriate
Usage
-
7/24/2019 HHS Cybersecurity Incident Reports
48/133
FDA 19
FDA 9
FDA 9
FDA Category 99 - Non-Incident 1
HHS Category 99 - Non-Incident 1
HRSA Category 99 - Non-Incident 2
HRSA 5
IHS Category 99 - Non-Incident 9
IHS 5
IHS 11
ITIO 27
ITIO 3
ITIO 1
ITIO 1
NIH 44
NIH 3
NIH 63
NIH 44
NIH Category 99 - Non-Incident 28
NIH 33
Category 01 - Unauthorized
Access
Category 05 - Scans, Probes
and Attempted Access
Category 03 - MaliciousCode
Category 03 - Malicious
Code
Category 01 - Unauthorized
Access
Category 04 - Inappropriate
UsageCategory 03 - Malicious
Code
Category 01 - Unauthorized
Access
Category 05 - Scans, Probes
and Attempted Access
Category 00 - Network
TestingCategory 04 - Inappropriate
UsageCategory 02 - Denial of
Service
Category 05 - Scans, Probes
and Attempted Access
Category 03 - Malicious
Code
Category 01 - Unauthorized
Access
-
7/24/2019 HHS Cybersecurity Incident Reports
49/133
OS 4
OS 3
OS 2
OS 1
OS Category 99 - Non-Incident 2
PSC 1
SAMHSA 1
Category 03 - Malicious
Code
Category 01 - Unauthorized
Access
Category 04 - Inappropriate
UsageCategory 02 - Denial of
Service
Category 01 - Unauthorized
Access
Category 01 - Unauthorized
Access
-
7/24/2019 HHS Cybersecurity Incident Reports
50/133
;'D%< Cate!ory 6uantity
AHRQ 3
AHRQ 1
CDC 8
CDC 60
CDC 38
CDC Category 99 - Non-Incident 4
CMS 14
CMS 357
CMS Category 99 - Non-Incident 140
CMS 10
CMS 3
CSIRC Category 99 - Non-Incident 2
FDA 4
Category 01 - Unauthorized
Access
Category 03 - Malicious
Code
Category 05 - Scans,
Probes and Attempted
Access
Category 01 - Unauthorized
Access
Category 03 - Malicious
Code
Category 04 - Inappropriate
Usage
Category 01 - Unauthorized
Access
Category 05 - Scans,
Probes and Attempted
AccessCategory 03 - Malicious
Code
Category 05 - Scans,
Probes and Attempted
Access
-
7/24/2019 HHS Cybersecurity Incident Reports
51/133
FDA 11
FDA 19
FDA Category 99 - Non-Incident 4
FDA 1
FDA 1
HRSA Category 99 - Non-Incident 1
IHS 4
IHS 4
IHS 15
IHS Category 99 - Non-Incident 1
IHS 25
ITIO 14
ITIO 1
ITIO 2
ITIO Category 99 - Non-Incident 2
NIH 73
NIH 30
NIH 25
NIH Category 99 - Non-Incident 31
Category 03 - Malicious
Code
Category 01 - Unauthorized
Access
Category 04 - Inappropriate
Usage
Category 02 - Denial of
Service
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - MaliciousCode
Category 01 - Unauthorized
Access
Category 04 - Inappropriate
Usage
Category 03 - Malicious
Code
Category 01 - Unauthorized
Access
Category 04 - Inappropriate
Usage
Category 05 - Scans,
Probes and Attempted
Access
Category 01 - Unauthorized
Access
Category 03 - Malicious
Code
-
7/24/2019 HHS Cybersecurity Incident Reports
52/133
NIH 1
NIH 72
OS 1
OS 3
OS Category 99 - Non-Incident 1
PSC 2
PSC Category 99 - Non-Incident 1
PSC 2
Category 02 - Denial of
Service
Category 04 - Inappropriate
Usage
Category 03 - Malicious
CodeCategory 01 - Unauthorized
Access
Category 04 - Inappropriate
Usage
Category 01 - Unauthorized
Access
-
7/24/2019 HHS Cybersecurity Incident Reports
53/133
;'D%< Cate!ory 6uantity
AHRQ 1
CDC 3
CDC 4
CDC 3
CDC 52
CMS 11
CMS 1
CMS 9
CMS 3
CMS 373
CMS 104
Category 03 - Malicious
Code
Category 99 - Non-Incident
Category 03 - Malicious
Code
Category 05 - Scans,
Probes and Attempted
Access
Category 01 -
Unauthorized Access
Category 04 -Inappropriate Usage
Category 02 - Denial of
Service
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
CodeCategory 01 -
Unauthorized Access
Category 99 - Non-
Incident
-
7/24/2019 HHS Cybersecurity Incident Reports
54/133
FDA 8
FDA 19
FDA 4
HRSA 4
HRSA 1
HRSA 2
IHS 3
IHS 21
IHS 2
IHS 1
IHS 18
ITIO 3
ITIO 25
ITIO 5
ITIO 2
NIH 78
NIH 24
NIH 18
Category 05 - Scans,
Probes and Attempted
Access
Category 01 -
Unauthorized Access
Category 03 - Malicious
CodeCategory 03 - Malicious
CodeCategory 99 - Non-
Incident
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and Attempted
Access
Category 01 -
Unauthorized Access
Category 03 - Malicious
CodeCategory 99 - Non-
Incident
Category 04 -Inappropriate Usage
Category 99 - Non-
IncidentCategory 03 - Malicious
Code
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
CodeCategory 99 - Non-
Incident
-
7/24/2019 HHS Cybersecurity Incident Reports
55/133
NIH 58
NIH 28
OIG 2
OIG 2
OS 3
OS 2
OS 1
OS 6
PSC 3
PSC 1
PSC 1
TIC 1
TIC 4
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 01 -Unauthorized Access
Category 04 -
Inappropriate Usage
Category 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
Code
Category 04 -
Inappropriate Usage
Category 99 - Non-
Incident
Category 01 -
Unauthorized Access
Category 03 - Malicious
CodeCategory 99 - Non-
Incident
-
7/24/2019 HHS Cybersecurity Incident Reports
56/133
;'D%< Cate!ory 6uantity
ACF 1
AHRQ 1
CDC 37
CDC 3
CDC 4
CDC 6
CMS 14
CMS 13
CMS 334
CMS 109
CMS 10
Category 01 -
Unauthorized Access
Category 01 -
Unauthorized Access
Category 01 -
Unauthorized Access
Category 99 - Non-Incident
Category 03 -
Malicious Code
Category 05 - Scans,
Probes and AttemptedAccess
Category 05 - Scans,
Probes and Attempted
Access
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 99 - Non-
IncidentCategory 03 -
Malicious Code
-
7/24/2019 HHS Cybersecurity Incident Reports
57/133
CMS 2
FDA 3
FDA 2
FDA 5
FDA 10
HRSA 3
HRSA 1
HRSA 4
IHS 19
IHS 9
IHS 1
IHS 1
IHS 3
ITIO 3
ITIO 3
ITIO 1
ITIO 7
Category 00 - Network
TestingCategory 99 - Non-
IncidentCategory 03 -
Malicious Code
Category 05 - Scans,Probes and Attempted
Access
Category 01 -
Unauthorized Access
Category 03 -
Malicious Code
Category 05 - Scans,
Probes and Attempted
Access
Category 01 -
Unauthorized Access
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and Attempted
Access
Category 03 -
Malicious CodeCategory 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 99 - Non-
IncidentCategory 03 -
Malicious Code
-
7/24/2019 HHS Cybersecurity Incident Reports
58/133
NIH 63
NIH 28
NIH 91
NIH 35
NIH 24
OS 2
OS 6
OS 1
PSC 1
PSC 2
SAMHSA 1
TIC 1
TIC 8
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 05 - Scans,Probes and Attempted
Access
Category 03 -
Malicious CodeCategory 99 - Non-
IncidentCategory 99 - Non-
Incident
Category 01 -
Unauthorized Access
Category 04 -
Inappropriate Usage
Category 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 99 - Non-
Incident
Category 01 -
Unauthorized Access
Category 99 - Non-
Incident
-
7/24/2019 HHS Cybersecurity Incident Reports
59/133
;'D%< Cate!ory 6uantity
AHRQ 2
AoA 1
CDC 7
CDC 16
CDC 5
CDC 5
CMS 16
CMS 9
CMS 120
CMS 10
CMS 288
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and Attempted
Access
Category 05 - Scans,
Probes and Attempted
Access
Category 01 -
Unauthorized Access
Category 99 - Non-
IncidentCategory 03 - Malicious
Code
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
CodeCategory 99 - Non-
IncidentCategory 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
-
7/24/2019 HHS Cybersecurity Incident Reports
60/133
FDA 6
FDA 17
FDA 1
FDA 3
HRSA 2
HRSA 6
HRSA 2
HRSA 2
IHS 23
IHS 12
IHS 2
IHS 4
IHS 5
ITIO 3
ITIO 3
ITIO 2
ITIO 18
Category 05 - Scans,
Probes and Attempted
Access
Category 01 -
Unauthorized Access
Category 99 - Non-
IncidentCategory 03 - Malicious
Code
Category 05 - Scans,
Probes and Attempted
Access
Category 01 -
Unauthorized Access
Category 99 - Non-
IncidentCategory 03 - Malicious
Code
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
CodeCategory 99 - Non-
Incident
Category 05 - Scans,
Probes and Attempted
Access
Category 01 -
Unauthorized Access
Category 99 - Non-
IncidentCategory 03 - Malicious
Code
-
7/24/2019 HHS Cybersecurity Incident Reports
61/133
NIH 64
NIH 23
NIH 80
NIH 27
NIH 36
OS 3
OS 5
OS 3
OS 1
PSC 1
PSC 1
PSC 1
TIC 4
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 05 - Scans,Probes and Attempted
Access
Category 03 - Malicious
CodeCategory 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 99 - Non-
IncidentCategory 03 - Malicious
CodeCategory 99 - Non-
Incident
Category 01 -
Unauthorized Access
Category 04 -
Inappropriate Usage
Category 99 - Non-
Incident
-
7/24/2019 HHS Cybersecurity Incident Reports
62/133
;'D%< Cate!ory 6uantity
ACF 2
ACF 3
ACF 2
AHRQ 1
AHRQ 2
CDC 15
CDC 11
CDC 10
CDC 3
CDC 21
CMS 276
CMS 106
Category 99 - Non-
Incident
Category 01 -
Unauthorized Access
Category 04 -
Inappropriate Usage
Category 99 - Non-
Incident
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and AttemptedAccess
Category 03 - Malicious
CodeCategory 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 01 -
Unauthorized Access
Category 99 - Non-
Incident
-
7/24/2019 HHS Cybersecurity Incident Reports
63/133
CMS 26
CMS 1
CMS 7
CMS 12
FDA 2
FDA 1
FDA 2
FDA 1
FDA 18
HRSA 5
HRSA 1
IHS 3
IHS 9
IHS 2
IHS 7
ITIO 4
ITIO 1
ITIO 3
Category 04 -
Inappropriate Usage
Category 02 - Denial of
Service
Category 05 - Scans,
Probes and AttemptedAccess
Category 03 - Malicious
Code
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
Code
Category 99 - Non-Incident
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 03 - Malicious
Code
Category 01 -Unauthorized Access
Category 03 - Malicious
Code
Category 04 -
Inappropriate Usage
Category 99 - Non-
Incident
Category 01 -
Unauthorized Access
Category 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
-
7/24/2019 HHS Cybersecurity Incident Reports
64/133
ITIO 1
ITIO 15
NIH 102
NIH 37
NIH 37
NIH 18
NIH 66
NIH 1
OIG 1
OIG 1
OS 1
OS 5
OS 3
PSC 3
PSC 1
PSC 3
SAMHSA 1
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
Code
Category 05 - Scans,Probes and Attempted
Access
Category 03 - Malicious
Code
Category 01 -
Unauthorized Access
Category 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 02 - Denial of
Service
Category 04 -
Inappropriate Usage
Category 05 - Scans,
Probes and Attempted
AccessCategory 03 - Malicious
Code
Category 04 -
Inappropriate Usage
Category 99 - Non-
IncidentCategory 99 - Non-
Incident
Category 01 -Unauthorized Access
Category 04 -
Inappropriate Usage
Category 04 -
Inappropriate Usage
-
7/24/2019 HHS Cybersecurity Incident Reports
65/133
SAMHSA 1
TIC 1
Category 01 -
Unauthorized Access
Category 99 - Non-
Incident
-
7/24/2019 HHS Cybersecurity Incident Reports
66/133
;'D%< Cate!ory 6uantity
CDC 1
CDC 20
CDC 14
CDC 8
CDC 5
CMS 101
CMS 29
CMS 264
CMS 14
CMS 33
FDA 2
FDA 2
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
Code
Category 99 - Non-
Incident
Category 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
CodeCategory 03 - Malicious
Code
Category 04 -
Inappropriate Usage
-
7/24/2019 HHS Cybersecurity Incident Reports
67/133
FDA 21
FDA 5
HRSA 4
HRSA 2
HRSA 7
HRSA 8
IHS 26
IHS 13
IHS 3
IHS 3
ITIO 1
ITIO 3
ITIO 40
ITIO 2
NIH 100
NIH 32
NIH 32
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and Attempted
Access
Category 05 - Scans,
Probes and Attempted
Access
Category 01 -
Unauthorized Access
Category 99 - Non-
IncidentCategory 03 - Malicious
Code
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 99 - Non-
IncidentCategory 03 - Malicious
Code
Category 01 -
Unauthorized Access
Category 99 - Non-
IncidentCategory 03 - Malicious
Code
Category 04 -
Inappropriate Usage
Category 05 - Scans,Probes and Attempted
Access
Category 03 - Malicious
CodeCategory 99 - Non-
Incident
-
7/24/2019 HHS Cybersecurity Incident Reports
68/133
NIH 56
NIH 28
OIG 1
OIG 1
OS 1
OS 3
OS 9
OS 5
OS 1
TIC 2
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 99 - Non-Incident
Category 04 -
Inappropriate Usage
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
Code
Category 99 - Non-Incident
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 99 - Non-
Incident
-
7/24/2019 HHS Cybersecurity Incident Reports
69/133
;'D%< Cate!ory 6uantity
CDC 6
CDC 19
CDC 12
CDC 1
CDC 2
CDC 12
CMS 79
CMS 37
CMS 27
CMS 1
CMS 1
CMS 32
Category 99 - Non-
Incident
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
Code
Category 06 -
Investigation
Category 04 -
Inappropriate Usage
Category 01 -Unauthorized Access
Category 99 - Non-
Incident
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
CodeCategory 00 - Network
TestingCategory 06 -
Investigation
Category 04 -
Inappropriate Usage
-
7/24/2019 HHS Cybersecurity Incident Reports
70/133
CMS 282
CSIRC 1
FDA 3
FDA 26
FDA 5
FDA 3
FDA 1
HRSA 7
HRSA 17
HRSA 4
IHS 2
IHS 3
IHS 1
IHS 41
IHS 40
IHS 2
ITIO 3
ITIO 33
Category 01 -
Unauthorized Access
Category 06 -
Investigation
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
Code
Category 99 - Non-IncidentCategory 99 - Non-
IncidentCategory 03 - Malicious
Code
Category 05 - Scans,
Probes and Attempted
Access
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
CodeCategory 06 -
Investigation
Category 04 -
Inappropriate Usage
Category 01 -Unauthorized Access
Category 99 - Non-
IncidentCategory 99 - Non-
IncidentCategory 03 - Malicious
Code
-
7/24/2019 HHS Cybersecurity Incident Reports
71/133
ITIO 4
NIH 108
NIH 35
NIH 32
NIH 59
NIH 20
OIG 1
OIG 1
OS 1
OS 2
OS 3
OS 2
PSC 2
PSC 1
Category 04 -
Inappropriate Usage
Category 05 - Scans,
Probes and Attempted
Access
Category 99 - Non-
IncidentCategory 03 - Malicious
Code
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 01 -
Unauthorized Access
Category 04 -
Inappropriate Usage
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized AccessCategory 99 - Non-
IncidentCategory 03 - Malicious
CodeCategory 03 - Malicious
CodeCategory 99 - Non-
Incident
-
7/24/2019 HHS Cybersecurity Incident Reports
72/133
;'D%< Cate!ory 6uantity
AHRQ 1
CDC 13
CDC 6
CDC Category 99 - Non-Incident 4
CDC 1
CDC 18
CMS Category 06 - Investigation 10
CMS 25
CMS 237
CMS Category 99 - Non-Incident 76
CMS 19
CMS 22
CMS Category 99 Non-Incident 2
Category 01 - Unauthorized
Access
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
Code
Category 04 - Inappropriate
Usage
Category 01 - UnauthorizedAccess
Category 04 - Inappropriate
Usage
Category 01 - Unauthorized
Access
Category 05 - Scans,
Probes and Attempted
AccessCategory 03 - Malicious
Code
-
7/24/2019 HHS Cybersecurity Incident Reports
73/133
FDA 4
FDA 17
FDA Category 99 - Non-Incident 1
FDA 1
HRSA Category 99 - Non-Incident 1
HRSA 4
HRSA 3
HRSA 1
IHS Category 06 - Investigation 3
IHS 1
IHS Category 99 - Non-Incident 1
IHS 24
IHS 27
ITIO 19
ITIO 1
ITIO Category 06 - Investigation 1
NIH Category 99 - Non-Incident 20
NIH 72
NIH 18
Category 05 - Scans,
Probes and Attempted
Access
Category 01 - Unauthorized
Access
Category 03 - Malicious
Code
Category 03 - Malicious
CodeCategory 05 - Scans,
Probes and Attempted
Access
Category 01 - Unauthorized
Access
Category 03 - Malicious
Code
Category 04 - Inappropriate
Usage
Category 01 - Unauthorized
Access
Category 03 - Malicious
Code
Category 04 - Inappropriate
Usage
Category 04 - Inappropriate
Usage
Category 01 - Unauthorized
Access
-
7/24/2019 HHS Cybersecurity Incident Reports
74/133
-
7/24/2019 HHS Cybersecurity Incident Reports
75/133
;'D%< Cate!ory 6uantity
AHRQ 1
CDC 2
CDC 1
CDC 16
CDC 5
CDC 16
CDC 5
CMS 253
CMS 5
CMS 1
CMS 16
CMS 3
Category 01 -
Unauthorized Access
Category 06 -
Investigation
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 99 - Non-
Incident
Category 05 - Scans,
Probes and AttemptedAccess
Category 03 - Malicious
Code
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and AttemptedAccess
Category 99 Non-
IncidentCategory 03 - Malicious
CodeCategory 06 -
Investigation
-
7/24/2019 HHS Cybersecurity Incident Reports
76/133
CMS 16
CMS 105
FDA 4
FDA 1
FDA 3
FDA 2
FDA 17
HRSA 3
HRSA 12
IHS 30
IHS 2
IHS 1
IHS 8
IHS 38
ITIO 35
ITIO 1
NIH 1
NIH 57
Category 04 -
Inappropriate Usage
Category 99 - Non-
Incident
Category 05 - Scans,
Probes and AttemptedAccess
Category 02 - Denial of
ServiceCategory 99 - Non-
IncidentCategory 03 - Malicious
Code
Category 01 -
Unauthorized Access
Category 01 -
Unauthorized Access
Category 03 - Malicious
Code
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and AttemptedAccess
Category 03 - Malicious
CodeCategory 06 -
Investigation
Category 04 -
Inappropriate Usage
Category 03 - Malicious
CodeCategory 99 - Non-
IncidentCategory 06 -
Investigation
Category 04 -
Inappropriate Usage
-
7/24/2019 HHS Cybersecurity Incident Reports
77/133
NIH 23
NIH 14
NIH 86
NIH 17
OS 1
OS 2
OS 2
OS 2
OS 1
OS 2
PSC 1
PSC 1
PSC 3
Category 01 -
Unauthorized Access
Category 99 - Non-
Incident
Category 05 - Scans,
Probes and AttemptedAccess
Category 03 - Malicious
CodeCategory 99 Non-
IncidentCategory 06 -
InvestigationCategory 03 - Malicious
Code
Category 99 - Non-Incident
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 04 -
Inappropriate Usage
Category 06 -Investigation
Category 01 -
Unauthorized Access
-
7/24/2019 HHS Cybersecurity Incident Reports
78/133
-
7/24/2019 HHS Cybersecurity Incident Reports
79/133
-
7/24/2019 HHS Cybersecurity Incident Reports
80/133
-
7/24/2019 HHS Cybersecurity Incident Reports
81/133
;'D%< Cate!ory 6uantity
ACF 1
ACF 1
CDC 7
CDC 9
CDC 25
CDC 12
CMS 2
CMS 34
CMS 282
CMS 67
CMS 31
CMS 10
Category 01 -
Unauthorized Access
Category 99 - Non-
Incident
Category 05 - Scans,
Probes and Attempted
Access
Category 99 - Non-
Incident
Category 01 -
Unauthorized Access
Category 03 - Malicious
CodeCategory 05 -
Scans/Probes/Attempted
Access
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 99 - Non-
Incident
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
Code
-
7/24/2019 HHS Cybersecurity Incident Reports
82/133
FDA 4
FDA 4
FDA 19
FDA 5
FDA 5
HRSA 2
HRSA 2
HRSA 4
HRSA 2
IHS 1
IHS 15
IHS 25
IHS 1
IHS 3
ITIO 1
ITIO 11
ITIO 1
ITIO 1
NIH 18
Category 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
Code
Category 05 - Scans,
Probes and Attempted
Access
Category 01 -
Unauthorized Access
Category 99 - Non-
IncidentCategory 03 - Malicious
CodeCategory 99 Non-
Incident
Category 04 -Inappropriate Usage
Category 01 -
Unauthorized Access
Category 99 - Non-
IncidentCategory 03 - Malicious
CodeCategory 02 - Denial of
ServiceCategory 03 - Malicious
Code
Category 01 -
Unauthorized Access
Category 99 - Non-
IncidentCategory 99 - Non-
Incident
-
7/24/2019 HHS Cybersecurity Incident Reports
83/133
NIH 61
NIH 27
NIH 87
NIH 31
OIG 2
OS 2
OS 2
OS 2
OS 3
PSC 1
PSC 2
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 05 - Scans,Probes and Attempted
Access
Category 03 - Malicious
CodeCategory 99 - Non-
Incident
Category 01 -
Unauthorized Access
Category 99 - Non-IncidentCategory 03 - Malicious
Code
Category 04 -
Inappropriate Usage
Category 99 - Non-
Incident
Category 01 -
Unauthorized Access
-
7/24/2019 HHS Cybersecurity Incident Reports
84/133
;'D%< Cate!ory 6uantity
ACF 1
CDC 6
CDC 3
CDC 2
CDC 1
CDC 14
CMS 3
CMS 1
CMS 86
CMS 231
CMS Unknown 1
CMS 35
Category 04 -
Inappropriate Usage
Category 05 - Scans,
Probes and Attempted
Access
Category 99 - Non-
Incident
Category 03 - Malicious
Code
Category 04 -
Inappropriate Usage
Category 01 -Unauthorized Access
Category 99 Non-
IncidentCategory 05 -
Scans/Probes/Attempted
Access
Category 04 -
Inappropriate Usage
Category 01 -Unauthorized Access
Category 99 - Non-
Incident
-
7/24/2019 HHS Cybersecurity Incident Reports
85/133
CMS 29
CMS 10
CSIRC 1
FDA 2
FDA 3
FDA 1
FDA 19
FDA 5
HRSA 1
HRSA 1
HRSA 1
IHS 1
IHS 5
IHS 1
IHS 7
ITIO 1
ITIO 3
ITIO 1
ITIO 1
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
Code
Category 03 - MaliciousCodeCategory 03 - Malicious
CodeCategory 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
CodeCategory 99 - Non-
Incident
Category 01 -
Unauthorized Access
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 99 - Non-
IncidentCategory 03 - Malicious
CodeCategory 02 - Denial of
ServiceCategory 99 - Non-
IncidentCategory 03 - Malicious
CodeCategory 99 Non-
Incident
-
7/24/2019 HHS Cybersecurity Incident Reports
86/133
ITIO 1
NIH 16
NIH 50
NIH 34
NIH 80
NIH 24
OIG 1
OIG 1
OS 1
OS 2
OS 3
PSC 3
Category 04 -
Inappropriate Usage
Category 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
Code
Category 02 - Denial ofService
Category 05 - Scans,
Probes and Attempted
Access
Category 99 - Non-
Incident
Category 01 -
Unauthorized Access
Category 04 -
Inappropriate Usage
Category 04 -
Inappropriate Usage
-
7/24/2019 HHS Cybersecurity Incident Reports
87/133
;'D%< Cate!ory 6uantity
ACF 1
ACF 1
ACF 1
AHRQ 2
CDC 29
CDC 13
CDC 1
CDC 32
CDC 11
CMS 19
CMS 12
Category 04 -
Inappropriate Usage
Category 99 - Non-
Incident
Category 01 -
Unauthorized
Access
Category 01 -
UnauthorizedAccess
Category 03 -
Malicious Code
Category 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized
Access
Category 05 -
Scans, Probes and
Attempted Access
Category 05 -
Scans, Probes and
Attempted Access
Category 03 -
Malicious Code
-
7/24/2019 HHS Cybersecurity Incident Reports
88/133
CMS 7
CMS 4
CMS 89
CMS Unknown 112
CMS 118
CMS 44
FDA 3
FDA 3
FDA 17
FDA 1
FDA 2
HRSA 1
HRSA 4
HRSA 5
IHS 9
Category 99 Non-
Incident
Category 05 -
Scans/Probes/Attem
pted Access
Category 04 -Inappropriate Usage
Category 01 -
Unauthorized
AccessCategory 99 - Non-
IncidentCategory 99 - Non-
Incident
Category 05 -
Scans, Probes and
Attempted Access
Category 01 -
Unauthorized
Access
Category 05 -
Scans/Probes/Attem
pted Access
Category 03 -
Malicious Code
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized
Access
Category 03 -Malicious Code
Category 05 -
Scans, Probes and
Attempted Access
-
7/24/2019 HHS Cybersecurity Incident Reports
89/133
IHS 8
IHS 5
IHS 52
IHS 60
ITIO 5
ITIO 1
ITIO 2
ITIO 3
ITIO 8
ITIO 3
ITIO 2
NIH 8
NIH 68
NIH 30
NIH 21
Category 03 -
Malicious Code
Category 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized
Access
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized
Access
Category 99 - Non-Incident
Category 05 -
Scans, Probes and
Attempted Access
Category 03 -
Malicious Code
Category 99 Non-
Incident
Category 05 -
Scans/Probes/Attem
pted Access
Category 05 -
Scans/Probes/Attem
pted Access
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized
AccessCategory 99 - Non-
Incident
-
7/24/2019 HHS Cybersecurity Incident Reports
90/133
NIH 105
NIH 15
OIG 1
OIG 1
OIG 1
OIG 2
OS 1
OS 4
OS 4
OS 4
OS 3
PSC 2
PSC 6
PSC 2
SAMHSA 2
Category 05 -
Scans, Probes and
Attempted Access
Category 03 -
Malicious Code
Category 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 05 -
Scans, Probes and
Attempted Access
Category 01 -
Unauthorized
Access
Category 05 -
Scans, Probes and
Attempted Access
Category 03 -
Malicious CodeCategory 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized
Access
Category 04 -
Inappropriate Usage
Category 99 - Non-
IncidentCategory 01 -
Unauthorized
Access
Category 03 -
Malicious Code
-
7/24/2019 HHS Cybersecurity Incident Reports
91/133
SAMHSA 1
Category 01 -
Unauthorized
Access
-
7/24/2019 HHS Cybersecurity Incident Reports
92/133
-
7/24/2019 HHS Cybersecurity Incident Reports
93/133
CMS 72
CMS 4
CMS 11
CMS 68
CMS 1
CSIRC 1
FDA 5
FDA 1
FDA 1
FDA 1
FDA 23
HRSA 1
HRSA 4
HRSA 2
IHS 1
IHS 23
IHS 14
IHS 1
Category 01 -
Unauthorized Access
Category 99 Non-
IncidentCategory 05 -
Scans/Probes/AttemptedAccess
Category 04 -
Inappropriate Usage
Category 02 - Denial of
ServiceCategory 99 - Non-
IncidentCategory 05 -
Scans/Probes/Attempted
AccessCategory 03 - Malicious
CodeCategory 99 - Non-
Incident
Category 05 - Scans,
Probes and Attempted
Access
Category 01 -
Unauthorized AccessCategory 99 Non-
IncidentCategory 03 - Malicious
CodeCategory 99 - Non-
IncidentCategory 05 -
Scans/Probes/Attempted
Access
Category 04 -Inappropriate Usage
Category 01 -
Unauthorized Access
Category 99 - Non-
Incident
-
7/24/2019 HHS Cybersecurity Incident Reports
94/133
IHS 1
IHS 3
ITIO 1
ITIO 10
ITIO 3
NIH 2
NIH 26
NIH 79
NIH 19
NIH 27
NIH 1
NIH 5
NIH 59
OIG 3
OS 1
OS 1
OS 1
OS 1
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
Code
Category 99 Non-IncidentCategory 03 - Malicious
Code
Category 04 -
Inappropriate Usage
Category 02 - Denial of
ServiceCategory 99 - Non-
Incident
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
Code
Category 01 -
Unauthorized Access
Category 99 Non-
Incident
Category 05 -Scans/Probes/Attempted
Access
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 04 -
Inappropriate Usage
Category 99 - Non-
Incident
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
Code
-
7/24/2019 HHS Cybersecurity Incident Reports
95/133
OS 3
OS 2
PSC 1
PSC 1
SAMHSA 1
TIC 1
Category 99 Non-
IncidentCategory 05 -
Scans/Probes/Attempted
AccessCategory 03 - Malicious
CodeCategory 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 99 - Non-
Incident
-
7/24/2019 HHS Cybersecurity Incident Reports
96/133
;'D%< Cate!ory 6uantity
ACF 2
ACF 1
ACF 1
AHRQ 1
CDC 21
CDC 7
CDC 17
CDC 4
CMS 7
CMS 4
CMS 56
CMS 7
CMS 75
Category 01 -
Unauthorized Access
Category 03 - Malicious
Code
Category 04 -
Inappropriate Usage
Category 99 - Non-
Incident
Category 05 - Scans,
Probes and Attempted
Access
Category 99 - Non-
Incident
Category 01 -
Unauthorized Access
Category 03 - Malicious
CodeCategory 03 - Malicious
CodeCategory 99 Non-
Incident
Category 01 -Unauthorized Access
Category 05 -
Scans/Probes/Attempted
Access
Category 04 -
Inappropriate Usage
-
7/24/2019 HHS Cybersecurity Incident Reports
97/133
CMS Unknown 194
CMS 1
CMS 11
CMS 3
FDA 15
FDA 1
FDA 4
FDA 5
FDA 1
FDA 2
HRSA 1
HRSA 1
HRSA 1
HRSA 1
HRSA 4
IHS 2
IHS 2
IHS 1
IHS 36
Category 02 - Denial of
ServiceCategory 99 - Non-
Incident
Category 05 - Scans,
Probes and Attempted
Access
Category 01 -
Unauthorized Access
Category 99 Non-
IncidentCategory 05 -
Scans/Probes/Attempted
Access
Category 03 - MaliciousCodeCategory 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 99 - Non-
IncidentCategory 03 - Malicious
Code
Category 99 Non-
Incident
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 05 -
Scans/Probes/Attempted
AccessCategory 03 - Malicious
CodeCategory 99 - Non-
Incident
Category 04 -
Inappropriate Usage
-
7/24/2019 HHS Cybersecurity Incident Reports
98/133
IHS 4
ITIO 2
ITIO 1
ITIO 2
ITIO 1
ITIO 6
NIH 2
NIH 58
NIH 22
NIH 19
NIH 101
NIH 26
OIG 1
OS 1
OS 3
OS 1
OS 1
Category 01 -
Unauthorized Access
Category 99 Non-
Incident
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
Code
Category 05 -Scans/Probes/Attempted
Access
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 99 - Non-
Incident
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
Code
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and AttemptedAccess
Category 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 99 Non-
Incident
-
7/24/2019 HHS Cybersecurity Incident Reports
99/133
PSC 1
PSC 2
SAMHSA 1
Category 01 -
Unauthorized Access
Category 04 -
Inappropriate Usage
Category 05 - Scans,Probes and Attempted
Access
-
7/24/2019 HHS Cybersecurity Incident Reports
100/133
-
7/24/2019 HHS Cybersecurity Incident Reports
101/133
CDC 8
CMS 5
CMS 81
CMS 8
CMS 8
CMS 75
CMS Unknown 209
CMS 16
CSIRC 1
FDA 2
FDA 4
FDA 3
FDA 1
FDA 18
FDA 2
HRSA 1
HRSA 1
Category 99 - Non-
Incident
Category 05 - Scans,
Probes and Attempted
Access
Category 01 -Unauthorized Access
Category 99 Non-
IncidentCategory 05 -
Scans/Probes/Attempted
Access
Category 04 -
Inappropriate Usage
Category 99 - Non-
IncidentCategory 99 - Non-
Incident
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
Code
Category 05 -Scans/Probes/Attempted
Access
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 99 - Non-
IncidentCategory 05 - Scans,
Probes and Attempted
Access
Category 01 -
Unauthorized Access
-
7/24/2019 HHS Cybersecurity Incident Reports
102/133
HRSA 1
HRSA 2
IHS 1
IHS 2
IHS 1
IHS 27
ITIO 1
ITIO 4
ITIO 2
ITIO 1
ITIO 1
ITIO 1
ITIO 4
NIH 49
NIH 38
NIH 16
NIH 176
NIH 23
Category 99 - Non-
IncidentCategory 03 - Malicious
Code
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
CodeCategory 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 00 - Network
Testing
Category 99 - Non-Incident
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 99 Non-
Incident
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
Code
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 99 - Non-
Incident
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
Code
-
7/24/2019 HHS Cybersecurity Incident Reports
103/133
NIH 3
NIH 2
OIG 1
OS 2
OS 1
OS 1
OS 1
OS 2
PSC 2
PSC 1
SAMHSA 1
SAMHSA 1
Category 99 Non-
IncidentCategory 05 -
Scans/Probes/Attempted
Access
Category 04 -
Inappropriate Usage
Category 05 - Scans,
Probes and Attempted
Access
Category 03 - Malicious
CodeCategory 99 - Non-
Incident
Category 04 -
Inappropriate Usage
Category 01 -
Unauthorized Access
Category 05 - Scans,
Probes and Attempted
Access
Category 04 -
Inappropriate UsageCategory 99 - Non-
Incident
Category 05 - Scans,
Probes and Attempted
Access
-
7/24/2019 HHS Cybersecurity Incident Reports
104/133
;'D%< Funtional %mpat %nformation %mpat .eovera(ility =>ort
ACF None Integrity Regular
ACF None None Regular
ACF None None Regular
ACF None None Not Applicable
ACF None Privacy Regular
ACF None Integrity Regular
AHRQ None None Regular
AHRQ None None Not Applicable
AHRQ None None Not Applicable
CDC None Privacy Regular
CDC None Privacy Regular
CDC None None Regular
CDC None None Regular
CDC None None Regular
CDC None None Regular
CDC None None Not Recoverable
CDC None None Not Applicable
CDC None None Not Recoverable
CDC None None Not ApplicableCDC None None Not Applicable
CDC None None Not Applicable
CMS None None Not Applicable
CMS None None Regular
-
7/24/2019 HHS Cybersecurity Incident Reports
105/133
CMS Low Privacy Extended
CMS Low Integrity Regular
CMS None None Regular
CMS None Privacy Regular
CMS None None Not Applicable
CMS None None Not Applicable
CMS None Privacy Regular
CMS None None Not Applicable
CMS None None Not Applicable
CMS None Privacy Not Recoverable
CMS None Privacy Regular
CMS None Proprietary Regular
CMS None None Not Applicable
CMS None None Not Applicable
CMS Medium Privacy Not Applicable
CMS None Privacy Not Applicable
CMS None Privacy Regular
CMS None Privacy Regular
CMS None None Extended
CMS Medium Privacy Not Applicable
CMS None Privacy Not Recoverable
CMS None Privacy Regular
CMS None Privacy Not Applicable
CMS None Integrity Regular
CMS Medium None Regular
CMS None Privacy Not Applicable
CMS Medium Proprietary Not Applicable
CMS Low Privacy Supplemented
CMS None Privacy Not Applicable
CMS Low Privacy Not Recoverable
-
7/24/2019 HHS Cybersecurity Incident Reports
106/133
CMS Low Privacy Extended
CMS Low Integrity Regular
CMS Low Privacy Regular
CMS None Privacy Extended
CMS Medium Privacy Regular
CMS Low Integrity Extended
CMS None Privacy Extended
CMS Medium Privacy Regular
CMS Low Privacy Not Applicable
CMS Low None Regular
CMS None Privacy Extended
CMS Medium Privacy Not Applicable
CMS Low Privacy Not Applicable
CMS Low None Regular
CMS High None Not Applicable
CMS None None Regular
CMS Low Privacy Not Applicable
CMS Low None Not Applicable
CMS High Integrity Regular
CMS None None Regular
CSIRC None None Regular
FDA None None Regular
FDA None None Regular
FDA None Integrity Regular
FDA None Integrity Regular
FDA None None Regular
FDA None None Not Recoverable
FDA None None Not Applicable
FDA None None Not Applicable
-
7/24/2019 HHS Cybersecurity Incident Reports
107/133
FDA None None Regular
FDA None None Not Applicable
FDA None None Regular
FDA None None Regular
FDA None None Extended
HRSA None None Not Applicable
HRSA None None Not Applicable
HRSA None Integrity Regular
IHS None None Regular
IHS None Privacy Regular
IHS None Privacy Regular
IHS None Privacy Not Recoverable
ITIO None None Regular
ITIO None None Regular
ITIO None None Regular
ITIO None None Regular
ITIO None None Not Applicable
ITIO None Integrity Regular
ITIO Low None RegularITIO None Integrity Regular
ITIO None Integrity Regular
NIH None Integrity Regular
NIH None Integrity Regular
NIH Low None Regular
NIH None None Regular
NIH None None Regular
NIH None None Regular
NIH None None Regular
NIH None None Regular
NIH None Privacy Regular
NIH None Privacy Not Applicable
NIH None None Not Applicable
NIH None None Regular
-
7/24/2019 HHS Cybersecurity Incident Reports
108/133
NIH None None Not Applicable
NIH None None Regular
NIH None None Not Applicable
NIH None None Not Applicable
OIG None Privacy Regular
OIG None Privacy Regular
OIG None None Regular
OS None Privacy Regular
OS None Privacy Regular
OS None Privacy Regular
OS None None Regular
PSC None Privacy Regular
PSC None Privacy Regular
PSC None None Regular
PSC None None Not Applicable
PSC Low Privacy Regular
PSC None Privacy Regular
-
7/24/2019 HHS Cybersecurity Incident Reports
109/133
&hreat
-
7/24/2019 HHS Cybersecurity Incident Reports
110/133
Other 3
Web 1
Unknown 2
Other 116
Improper Usage 2
Web 15
2
Email 1
Unknown 4
1
Improper Usage 46
Improper Usage 1
Attrition 1
Other 16
2
Unknown 1
Email 23
Web 1
3
Email 20
Other 2
Unknown 7
Other 33
Web 2
Unknown 1
Improper Usage 8
1
1
Email 4
Unknown 1
Loss or Theft of
Equipment
Loss or Theft of
Equipment
Loss or Theft of
Equipment
Loss or Theft of
Equipment
Loss or Theft of
Equipment
Impersonation/Sp
oofing
-
7/24/2019 HHS Cybersecurity Incident Reports
111/133
Improper Usage 1
1
Email 1
Other 9
Other 2
1
Improper Usage 1
Email 3
Unknown 2
Web 1
Email 1
Other 6
Improper Usage 1
1
1
4
Email 2
2
Email 1
Web 5
Web 1
Email 1
Other 1
Other 1
Web 2
Attrition 2
1
Other 5
2
Impersonation/Sp
oofing
Loss or Theft of
Equipment
Loss or Theft of
Equipment
Loss or Theft of
Equipment
Loss or Theft of
Equipment
Loss or Theft of
Equipment
Loss or Theft of
Equipment
Loss or Theft of
Equipment
-
7/24/2019 HHS Cybersecurity Incident Reports
112/133
11
Email 1
Improper Usage 1
Unknown 3
1
Web 1
Unknown 1
Web 2
Unknown 1
Improper Usage 18
Email 3
Improper Usage 2
Web 1
Unknown 1
1
Email 3
Email 1
Web 4
Unknown 1Unknown 4
Email 2
Email 6
Web 1
Email 2
Other 8
18
Improper Usage 45
2
Email 157
Unknown 1
Other 1
Unknown 1
Web 12
Loss or Theft of
Equipment
Loss or Theft of
Equipment
Loss or Theft of
Equipment
Loss or Theft of
Equipment
Impersonation/Sp
oofing
-
7/24/2019 HHS Cybersecurity Incident Reports
113/133
Other 11
Unknown 18
Email 1
Attrition 1
Other 1
Improper Usage 1
Email 1
Improper Usage 1
Email 1
Unknown 1
Web 1
Improper Usage 5
Email 1
Unknown 2
Other 1
Improper Usage 1
Other 1
-
7/24/2019 HHS Cybersecurity Incident Reports
114/133
;'D%< Funtional %mpat %nformation %mpat .eovera(ility =>ort
CDC None Privacy Extended
CMS None Privacy Extended
CMS Low Privacy Extended
CMS None None Extended
NIH None None Extended
NIH Low Privacy Extended
AHRQ None None Not Applicable
CDC None None Not Applicable
CDC None None Not Applicable
CDC None None Not Applicable
CDC None None Not Applicable
CMS None Privacy Not Applicable
CMS Medium Privacy Not Applicable
CMS Low None Not Applicable
CMS None Privacy Not Applicable
CMS Low Privacy Not Applicable
CMS None Privacy Not Applicable
CMS Low Privacy Not ApplicableCMS None Privacy Not Applicable
CMS None None Not Applicable
CMS Low Privacy Not Applicable
CMS None None Not Applicable
CMS Low None Not Applicable
CMS None None Not Applicable
CMS None None Not Applicable
CMS Medium Privacy Not Applicable
CMS None None Not Applicable
CMS Medium Privacy Not Applicable
CMS Medium None Not Applicable
CMS Low None Not Applicable
CMS Medium Privacy Not Applicable
-
7/24/2019 HHS Cybersecurity Incident Reports
115/133
CMS Medium None Not Applicable
CMS Low None Not Applicable
FDA Low Integrity Not Applicable
FDA None None Not Applicable
FDA None None Not Applicable
FDA Medium Integrity Not Applicable
HRSA None None Not Applicable
HRSA None None Not Applicable
HRSA None None Not Applicable
IHS None None Not ApplicableITIO Low None Not Applicable
ITIO None None Not Applicable
ITIO None None Not Applicable
NIH None None Not Applicable
NIH None None Not Applicable
NIH None None Not Applicable
NIH None None Not Applicable
CDC None None Not Recoverable
CMS None Privacy Not Recoverable
CMS Low Privacy Not Recoverable
CMS None Privacy Not Recoverable
CMS None None Not Recoverable
CMS None None Not Recoverable
CMS None Privacy Not Recoverable
FDA None None Not Recoverable
FDA Low None Not Recoverable
ACF Low Privacy Regular
-
7/24/2019 HHS Cybersecurity Incident Reports
116/133
ACF None Privacy Regular
ACF None Integrity Regular
ACF Medium Privacy Regular
AHRQ None Privacy Regular
AHRQ None None Regular
CDC Medium Integrity Regular
CDC None None Regular
CDC None Privacy Regular
CDC None None Regular
CDC None None Regular
CDC None Integrity Regular
CMS Medium Integrity Regular
CMS None Privacy Regular
CMS None None Regular
CMS None Privacy Regular
CMS None None Regular
CMS None Privacy Regular
CMS None None Regular
CMS None Privacy Regular
CMS None None Regular
CMS None Privacy Regular
CMS Low None Regular
CMS None None Regular
CMS Low None Regular
CMS Medium Privacy Regular
CMS Medium Privacy Regular
FDA None None Regular
FDA None None Regular
FDA None Integrity Regular
FDA Low Integrity Regular
HRSA None Integrity Regular
-
7/24/2019 HHS Cybersecurity Incident Reports
117/133
IHS Low None Regular
IHS None Integrity Regular
IHS None Privacy Reg