Briefly describe the security incident (e.g., denial of service, malicious software, ransomware, unauthorised access of SM8 data, unauthorised use of SM8 services, lost or compromised data).
¨
Describe the impact(s) of the security incident.
¨
What was the type of data and amount breached?
How many SM8 information systems and/or services are impacted by the security incident?
¨
Are existing SM8 security controls preventing the security incident from impacting the confidentiality, integrity and availability of SM8 information systems, network resources or data (i.e., firewall is blocking an attack from the Internet)?
¨
Can the security incident be contained by quickly updating an existing SM8 security control (i.e., adding a firewall rule or changing a router’s rule set, limiting user access)?
¨
Are organizations outside of SM8 being impacted by the security incident?
¨
Has the security incident resulted in suspected or confirmed loss, theft or unauthorized access of data transmitted to clients, or stored or processed by SM8? If yes, provide a detailed description.
¨
Has the security incident resulted in suspected or confirmed loss, theft or unauthorized access of “non-public” personal health information transmitted, stored or processed by SM8? If yes, provide a detailed description.
Contains information about the traffic source or campaign that directed user to the website. The cookie is set when the GA.js javascript is loaded and updated when data is sent to the Google Anaytics server
6 months after last activity
__utmv
Contains custom information set by the web developer via the _setCustomVar method in Google Analytics. This cookie is updated every time new data is sent to the Google Analytics server.
2 years after last activity
__utmx
Used to determine whether a user is included in an A / B or Multivariate test.
18 months
_ga
ID used to identify users
2 years
_gali
Used by Google Analytics to determine which links on a page are being clicked
30 seconds
_ga_
ID used to identify users
2 years
_gid
ID used to identify users for 24 hours after last activity
24 hours
_gat
Used to monitor number of Google Analytics server requests when using Google Tag Manager
1 minute
_gac_
Contains information related to marketing campaigns of the user. These are shared with Google AdWords / Google Ads when the Google Ads and Google Analytics accounts are linked together.
90 days
__utma
ID used to identify users and sessions
2 years after last activity
__utmt
Used to monitor number of Google Analytics server requests
10 minutes
__utmb
Used to distinguish new sessions and visits. This cookie is set when the GA.js javascript library is loaded and there is no existing __utmb cookie. The cookie is updated every time data is sent to the Google Analytics server.
30 minutes after last activity
__utmc
Used only with old Urchin versions of Google Analytics and not with GA.js. Was used to distinguish between new sessions and visits at the end of a session.
End of session (browser)
Marketing cookies are used to follow visitors to websites. The intention is to show ads that are relevant and engaging to the individual user.
Facebook Pixel is a web analytics service that tracks and reports website traffic.
