On or about Saturday, October 24, 2020, cyber criminals encrypted some of the Organization?s servers and network-connected computers and demanded a ransom to decrypt them. They also claimed that they had stolen files from the Organization?s servers, targeting some of the executive team. The Organization?s investigation discovered that the attack originated from a company laptop for an employee based outside of the United States. The laptop was compromised via a phishing email in March 2020, and the criminals loaded malware onto the laptop, which later spread to the Organization?s network. Because of limited available log data, the Organization was unable to determine whether the criminals actually acquired, or the extent to which they accessed, sensitive personal information for its non-executive employees. The criminals claimed to have taken copies of certain server files, but the Organization?s investigation was only able to confirm that the personal data of some of its executives were actually copied.
? The incident ended on October 24, 2020.
P2021-ND-267
File Type:
pdf
File Size:
603 KB
Categories:
2021