The Organization operates a computer system used by auto dealers to communicate electronically with potential lenders and insurers. On April 5, 2013, a fraudulent caller claiming to represent the Organization?s technical support contacted two employees of an auto dealer and convinced them to provide their login credentials. Using these credentials, an intruder logged into the Organization?s system and attempted to access credit bureau reports for auto dealer customers. The attacker was able to view and print the personal information noted above for eight individuals. Information security measures prevented access to credit bureau reports and allowed the Organization to detect and terminate the intruder?s access.

File Type: pdf
File Size: 24 KB
Categories: 2013