DD Form 2959 Breach of Personally Identifiable Information (PII) Report

DD Form 2959 is a U.S. Department of Defense form also known as the "Breach of Personally Identifiable Information (PII) Report". The latest edition of the form was released on February 1, 2013 and is available for digital filing.

Download an up-to-date DD Form 2959 in PDF format below or look it up on the U.S. Department of Defense Forms website.

BREACH OF PERSONALLY IDENTIFIABLE INFORMATION (PII) REPORT

INITIAL REPORT Date: (MM/DD/YYYY)
UPDATED REPORT Date: (MM/DD/YYYY)
AFTER ACTION REPORT Date: (MM/DD/YYYY)

1. GENERAL INFORMATION
a. DATE OF BREACH (MM/DD/YYYY)
b. DATE BREACH DISCOVERED (MM/DD/YYYY)
c. DATE REPORTED TO US-CERT (MM/DD/YYYY)
d. US-CERT NUMBER
e. COMPONENT INTERNAL TRACKING NUMBER (If applicable)
f. BREACH INVOLVED (Click to select)
g. TYPE OF BREACH (Click to select)
h. CAUSE OF BREACH (Click to select)
i. COMPONENT (Click to select)
j. OFFICE NAME

POINT OF CONTACT FOR FURTHER INFORMATION:
k. FIRST NAME
l. LAST NAME
m. RANK/GRADE AND TITLE
n. DUTY E-MAIL ADDRESS
o. DUTY TELEPHONE NUMBER

MAILING ADDRESS:
p. ADDRESS
q. CITY
r. STATE
s. ZIP CODE

2.a. DESCRIPTION OF BREACH (Up to 150 words, bullet format acceptable). NOTE: Do NOT include PII or Classified Information.
2.b. ACTIONS TAKEN IN RESPONSE TO BREACH, TO INCLUDE ACTIONS TAKEN TO PREVENT RECURRENCE AND LESSONS LEARNED (Up to 150 words, bullet format acceptable). NOTE: Do NOT include PII or Classified Information.

DD FORM 2959, FEB 2013

3.a. NUMBER OF INDIVIDUALS AFFECTED
(1) Contractors
(2) DoD Civilian Personnel
(3) Military Active Duty Personnel
(4) Military Family Members
(5) Military Reservists
(6) Military Retirees
(7) National Guard
(8) Other (Specify):

b. WERE AFFECTED INDIVIDUALS NOTIFIED? Yes / No
(1) If Yes, were they notified within 10 working days? Yes / No
(2) If Yes, notification date (MM/DD/YYYY)
(3) If Yes, number of individuals notified:
(4) If notification will not be made, explain why, or if number of individuals notified differs from total number of individuals affected, explain why:
(5) If applicable, was credit monitoring offered? Yes / No
(6) If Yes, number of individuals offered credit monitoring:

4. PERSONALLY IDENTIFIABLE INFORMATION (PII) INVOLVED IN THIS BREACH (X all types that apply)
(1) Names
(2) Social Security Numbers
(3) Dates of Birth
(4) Protected Health Information (PHI)
(5) Personal e-mail addresses
(6) Personal home addresses
(7) Passwords
(8) Financial Information*
(9) Other (Specify):
*If Financial Information was selected, provide additional detail:
(a) Personal financial information
(b) Government credit card. If yes, was issuing bank notified? Yes / No
(c) Other (Specify):

5. SELECT ALL THE FOLLOWING THAT APPLY TO THIS BREACH

a. PAPER DOCUMENTS/RECORDS (If selected, provide additional detail)
(1) Paper documents faxed
(2) Paper documents/records mailed
(3) Paper documents/records disposed of improperly
(4) Unauthorized disclosure of paper documents/records
(5) Other (Specify):

b. EQUIPMENT (If selected, provide additional detail)
(1) Location of equipment
(2) Equipment disposed of improperly
(3) Equipment owner
(4) Government equipment Data At Rest (DAR) encrypted
(5) Government equipment password or PKI/CAC protected
(6) Personal equipment password protected or commercially encrypted

c. IF EQUIPMENT, NUMBER OF ITEMS INVOLVED
(1) Laptop/Tablet
(2) Cell phone
(3) Personal Digital Assistant
(4) MP3 player
(5) Printer/Copier/Fax/Scanner
(6) Desktop computer
(7) Flash drive/USB stick/other removable media
(8) External hard drive
(9) Other (If Other, Specify):

d. EMAIL (If selected, provide additional detail)
(1) Email encrypted
(2) Email was sent to commercial account (i.e., .com or .net)
(3) Email was sent to other Federal agency
(4) Email recipients had a need to know

e. INFO DISSEMINATION (If selected, provide additional detail)
(1) Information was posted to the Internet
(2) Information was posted to an intranet (e.g., SharePoint or Portal)
(3) Information was accessible to others without need-to-know on a share drive
(4) Information was disclosed verbally
(5) Recipients had a need to know

f. OTHER (Specify):

6.a. TYPE OF INQUIRY (If applicable) (Click to select) (If Other, specify)
b. IMPACT DETERMINATION (for Component Privacy Official or designee use only) (X one): Low / Medium / High
c. ADDITIONAL NOTES (Up to 150 words, bullet format acceptable) NOTE: Do NOT include PII or Classified Information.

DD FORM 2959 (BACK), FEB 2013

INSTRUCTIONS FOR COMPLETING DD FORM 2959, BREACH OF PERSONALLY IDENTIFIABLE INFORMATION (PII) REPORT

Select Initial, Updated, or After Action Report and enter the date.

1. GENERAL INFORMATION.

a. Date of Breach. Enter the date the breach occurred. If the specific date cannot be determined, enter an estimated date and provide further explanation in the notes section of the report.

b. Date Breach Discovered. Enter the date the breach was initially discovered by a DoD employee, military member, or DoD contractor.

c. Date reported to US-CERT. Breaches must be reported to US-CERT within 1 hour of discovery. Enter the date reported to US-CERT.

d. US-CERT Number. Enter the number assigned by US-CERT when the breach was reported.

e. Component Internal Tracking Number (if applicable). If your component uses an internal tracking number, enter the number assigned.

f. Breach Involved (click to select). Select from the drop-down list - Email, Info Dissemination, Paper Records, or Equipment.

g. Type of Breach (click to select). Select from the drop-down list - Theft, Loss, or Compromise.

h. Cause of Breach (click to select). Select from the drop-down list the predominate cause of the breach - Theft, Failure to Follow Policy, Computer Hacking, Social Engineering, Equipment Malfunction, Failure to Safeguard Government Equipment or Information, Improper Security Settings, or Other.

i. - j. Component. Select from the drop-down list. After you select your Component, enter the Office/Name in block 1.j (i.e., if "OSD/JS" is the Component selected, an example of the Office would be "TMA").

k. - s. Point of Contact for Further Information. Enter the requested information for the person to be contacted if DPCLO requires additional details regarding the breach.

2.a. DESCRIPTION OF BREACH (Up to 150 words, bullet format acceptable). Note: Do not include PII or classified information. Summarize the facts or circumstances of the theft, loss or compromise of PII as currently known, including:
- the description of the parties involved in the breach;
- the physical or electronic storage location of the data at risk;
- if steps were immediately taken to contain the breach;
- whether the breach is an isolated incident or a systemic problem;
- who conducted the investigation of the breach; and
- any other pertinent information.

b. ACTIONS TAKEN IN RESPONSE TO BREACH, TO INCLUDE ACTIONS TAKEN TO PREVENT RECURRENCE AND LESSONS LEARNED (Up to 150 words, bullet format acceptable). Note: Do not include PII or classified information. Summarize steps taken to mitigate actual or potential harm to the individuals affected and the organization. For example, training, disciplinary action, policy development or modification, information systems modifications. List any findings resulting from the investigation of the breach.

3.a. NUMBER OF INDIVIDUALS AFFECTED. For each category of individuals listed, enter the number of individuals affected by the breach. Do not include an individual in more than one category.

b. Were affected individuals notified? Check box "Yes" or "No". If the individuals affected will not receive a formal notification letter about the breach, select "No" and enter an explanation of why the Component determined notification was not necessary in 3.b.(4). If additional space is needed for this justification, continue text in 6.c., Additional Notes.
(1) If affected individuals were notified, were they notified within 10 working days? Check "Yes" or "No".
(2) If the affected individuals will be notified of the breach, provide the date the notification letters will be sent.
(3) - (4) If "Yes", list the number of individuals notified. If the number of individuals notified differs from total number of individuals affected, explain why in 3.b.(4).
(5) Was credit monitoring offered? Select "Yes" or "No". Note: This is a risk of harm based decision to be made by the DoD Component.
(6) If "Yes", enter the number of individuals offered credit monitoring.

4. PERSONALLY IDENTIFIABLE INFORMATION (PII) INVOLVED IN THIS BREACH. Select all that apply. If Financial Information is selected, provide additional details.

5. SELECT ALL THE FOLLOWING THAT APPLY TO THIS BREACH. Check at least one box from the options given. If you need to use the "Other" option, you must specify other equipment involved.

a. Paper Documents/Records. If you choose Paper Documents/Records, answer each associated question by selecting from the drop-down options.

b. - c. Equipment. If you choose Equipment, answer the associated questions by selecting from the drop-down options. Enter a number in the empty field indicating how many pieces of each type of equipment were involved in the breach. If "Other", you will need to specify what type of equipment was involved.

d. - e. Email and Info Dissemination. If Email or Info Dissemination is selected, choose either "Yes" or "No" for all of the questions.

6.a. TYPE OF INQUIRY. Select the type of inquiry conducted as a result of the breach. If the inquiry type is "Other", please describe.

b. Impact Determination. (Component Privacy Official or designee use only.) Select one: What is the overall risk level associated with this breach? Risk is determined by considering the likelihood that the PII can be accessed by an unauthorized person and assessing the impact to the organization and individual if the PII is misused.

c. Additional Notes. This field can be used to convey additional information.

DD FORM 2959 (INSTRUCTIONS), FEB 2013
