On August 10, 2020, the Organization received a suspicious phishing email from fraudsters impersonating an employee. Upon learning of the incident on August 31, 2020, the Organization investigated. As a result of the investigation, the
Organization believes that an unauthorized person breached its email security systems and accessed the email account of its employee. The Organization?s believes that the intruder had access to this employee?s emails and contact information and set up an email forwarding rule, which allowed the intruder to send unauthorized emails to the employee?s contacts. The Organization reported that it cannot rule out the possibility that the intruder sent more unauthorized email messages but permanently deleted them which could not be traced forensically.
P2021-ND-190
File Type:
pdf
File Size:
618 KB
Categories:
2021