On September 30, 2019, the Organization discovered unauthorized activity that may have resulted in unauthorized access to one of the Organization?s servers. The Organization?s investigation determined that the unauthorized activity began on September 28, 2019 and continued at least until October 2, 2019. The incident occurred as a result of the unauthorized user exploiting a vulnerability in an open source data structure store, which was then used to access the affected underlying staging server by compromising authentication controls. The unauthorized access appears to allow equivalent access to the server as authorized users. This unauthorized activity was discovered by the Organization?s engineers who were unable to log into the server. Upon review, it was determined that the authentication file containing permissions for the approved users had been replaced.
P2019-ND-205
File Type:
pdf
File Size:
612 KB
Categories:
2019