On September 17, 2019, malicious actor(s) used valid credentials obtained from prior breaches unrelated to the Organization to access the some customer accounts. The incident was a remote cyber attack against a cloud based authentication service. Using Application Programming Interface (API) calls, the attackers used the previously exposed email address and password to log in, change the password, and then change the email address on file to an invalid email address. The breach was discovered on September 17, 2019 when customers who received an automated email notice that a change was made to their account, contacted the Organization.
File Type:
pdf
File Size:
193 KB
Categories:
2021