Between approximately October 23, 2019 and October 30, 2019, the Organization was targeted by threat actors who gained unauthorized access to its network systems, and more particularly to some of its employees? mailboxes. The breach was discovered on October 31, 2019 when the Organization was informed by the Canadian Security Intelligence Service (CSIS) and the Canadian Centre for Cyber Security (CCCS) of potentially malicious activity on its systems linked to a suspect IP address. During its investigation, access to mailboxes and outbound transfers of data from its email server were noted and the identity of the threat actors was confirmed. Evidence was not available to determine which email was accessed or exfiltrated so the Organization conducted an eDiscovery process on mailboxes to determine the personal information that may have been breached.
P2020-ND-151
File Type:
pdf
File Size:
625 KB
Categories:
2020