P2021-ND-333

On March 10, 2021, the Organization was notified that data relating to its customers was in the custody of an unauthorized third party. An investigation determined that ?at some point between August 2019 and May 2021,? one of the Organization?s vendors inadvertently set ?cloud containers containing [the Organization?s] data to open permissions?. The Organization believes ?the threat actor intentionally took the data at issue?.

File Type: pdf
File Size: 622 KB
Categories: 2021