P2018-ND-106

On two separate occasions, associates with the Organization clicked on phishing emails and entered their credentials, enabling an unknown individuals(s) to gain access to their email accounts. The incidents took place on April 5, 2018 (discovered the same day) and April 16, 2018 (discovered the next day). The Organization?s investigation revealed that both compromised email accounts contained personally identifiable information of certain associates of the Organization. The Organization has no evidence that the unauthorized individual actually accessed the personal information, but reported the information was accessible to the intruder(s). The incidents were discovered when the associates started to receive emails from their contacts who were questioning emails sent from the associates? account.

File Type: pdf
File Size: 333 KB
Categories: 2018