Personnel reported being unable to access the servers and that login credentials had been changed. The Organization determined that on or about November 16, 2020, an unauthorized third party gained access to its network and subsequently acquired some of its internal company information from a server before installing a ransomware program. The unauthorized party posted certain of the Organization’s information on a publicly accessible website. The Organization learned that certain of its customers’ personal information was affected after completing a detailed search and a manual review of thousands of files. The Organization reported, “We are not aware of any cases of identity theft or fraud connected to this incident and do not believe the unauthorized third party was targeting personal information in the incident.”
P2022-ND-047
File Type:
pdf
File Size:
618 KB
Categories:
2022