P2019-ND-145

On May 5, 2017, the Organization?s chief security officer received a spam email from another employee?s email. The Organization investigated and determined that a phishing incident occurred and that there was potential unauthorized access to information contained within an employee?s emails. The unauthorized third party may have had access to the employee?s email account from February 9, 2017 to February 15, 2017 and used the account to send spam emails. Although the Organization did not find that the unauthorized third party actually obtained this information or used it for improper purposes, the third party did have access to the employee?s email account during the time indicated above.

File Type: pdf
File Size: 528 KB
Categories: 2019