impact-metric-vocab

Accounts (1)

Computer, network, financial, user accounts

Credit card numbers (2)

Physical or digital credit or debit card numbers

Customers (3)

The number of customers effected (e.g., through stolen accounts, PII, etc.)

Documents (4)

The number of physical or digital documents effected (stolen, deleted, modified, etc.)

Dollars (5)

Specific financial impact of money stolen, restitution ordered, etc.

Employees (6)

Number of employees effected

Files (7)

Number of physical or digital files stolen, read, or compromised

Hours (8)

Down time or time effected in hours

Pages (9)

Number of individual pages of a document(s) or file(s)

Person-hours (10)

Person-hours or work time effected. Often occurs in sabotage incidents

Identities (11)

PII records, user information, etc.

Items (12)

Generic items such as merchandise

Systems (13)

Workstations, servers, virtual machines, etc.

Records (14)

Records or rows such as database or accounting records

Drugs (15)

Number of pills, vials, syringes, etc. for drugs or medicine taken or effected

Trade Secrets (16)

Number of trade secrets stolen or effected