Starting September 1, 2023 federally insured credit unions will have to report cyber incidents. The rule defines cyber incident to include any incident that jeopardizes an information system or the information stored in one. Reportable incidents however are defined less broadly.