P2018-ND-161

On March 28, 2018, a customer of the Organization received an anti-virus alert notifying him of an attempt to download malicious software to his computer when he visited the Organization?s website. The customer notified the Organization. The Organization investigated and, on April 3, 2018, discovered unauthorized modification of the website ?shop.coopwinespiritsbeer.com?, which was formerly ?www.yycwinedeals.com? and still redirected from that URL. The Organization said the only authorized administrators of the site are its IT team and the vendor and neither undertook any changes. The Organization believes it is possible that unmitigated vulnerabilities in WordPress were exploited in order to gain administrative privileges. The Organization reported that unauthorized individuals had access to, but did not necessarily read, the data.

File Type: pdf
File Size: 329 KB
Categories: 2018