On November 20, 2015, several of the Organization?s employees received a phishing email. Four staff email accounts were compromised as a result of these employees opening and executing the embedded link in the phishing email. Additional phishing emails were generated and sent from the compromised staff accounts, and in at least one case, filters were set up to direct all incoming emails to trash. It does not appear that compromised email accounts were used to forward attachments or data from compromised accounts to another email address. On December 2, 2015, an employee opened and executed the embedded link in the phishing email originally received on November 20. The compromised account was used to generate and send additional phishing emails. As a result, four additional employee accounts were compromised. The Organization?s investigation confirmed that at least one compromised employee email account contained sensitive customer personal information including date of birth, medical information and bank information.
P2017-ND-100
File Type:
pdf
File Size:
336 KB
Categories:
2017