P2018-ND-137

On September 11, 2018, a malicious user account was created by an attacker who used stolen credentials to access the system administrator functionality in the customer service application on systems operated and maintained by the Organization. On October 1, 2018, the Organization activated its Incident Response procedures and the malicious use connectivity was promptly revoked. The malicious activity was detected through automated behavioral analytics on September 25, 2018. Prior to that date, the unauthorized activity was minimal and within normal operating thresholds.

File Type: pdf
File Size: 328 KB
Categories: 2018