In or around August 2017, an unauthorized forwarding rule was installed on the Outlook mailbox of the Organization?s internal legal counsel. As a result, copies of all incoming emails were forwarded to an unauthorized third-party Gmail account. The incident was likely the result of a phishing attack. The investigation revealed that approximately 17,000 emails were transferred over a ten (10) month period. Of those, approximately 800 documents were identified as potentially containing some form of personal identifiable information of approximately 1000 individuals, most of which are current and past employees and board members. The suspicious email forwarding rule was discovered on May 29, 2018, when the Organization?s internal cybersecurity expert was deploying a new cybersecurity defense solution that would proactively detect unusual activity on the Organization?s systems.
P2018-ND-095
File Type:
pdf
File Size:
410 KB
Categories:
2018