Hackers hacked into the website of a charity run sponsored by J.P. Morgan; then used the same IP addresses to hack into J.P. Morgan. This led to the discovery of the breach at the bank.
How do you check for breaches? Do you look beyond your site and monitor what information is appearing on the hacker sites? Can this reduce your exposure?