On September 7, 2017, the Organization discovered signs indicating attempts were made to gain access to one of their web servers. The incident was discovered after the Organization?s database administration team discovered a high number of failed SQL login attempts. The Organization?s IT Security team investigated these reports and identified signs of unauthorized access to a database server. Findings from the investigation determined that an unauthorized individual may have gained access to the server and then used that access to connect to a database server. The database included information regarding certain tax exempt transactions, which included the name and driver’s license number of three Alberta residents. The Organization reported the earliest evidence of unauthorized access was September 5, 2017 until the incident was discovered September 7, 2017.
P2017-ND-160
File Type:
pdf
File Size:
329 KB
Categories:
2017