P2021-ND-241

The Organization uses a third party (Webeteer Inc.) for website development and support. At the time of the breach, Webeteer Inc. subcontracted hosting to another third party, GreenGeeks. On December 6, 2020, the Organization found that its WordPress website was not functioning properly. The Organization notified its website development provider who subsequently responded to the incident. The Organization determined that a malicious actor gained access to the server environment, which includes a database of registered clients, by exploiting a vulnerable WordPress plugin. It also reported that the attacker(s) installed malware, and created new email and file-transfer protocol (FTP) accounts. Attempts to access the environment without authorization were detected for a number of days after the breach was contained. The Organization reported the breach occurred between December 6-8, 2020.

File Type: pdf
File Size: 616 KB
Categories: 2021