On May 21, 2019 an analyst with the Organization was monitoring social media and found a YouTube video that had been uploaded by an unknown third party and which displayed a list of the Organization?s accounts. In the YouTube video, the third party is seen to be advertising a software tool that is used to test lists of user account credentials, in order to identify accounts susceptible to being compromised. The Organization commenced an internal investigation and found that an attacker appeared to have directed valid and invalid credentials (not obtained from the Organization) at the Organization?s systems in order to determine which credentials worked and which did not. Specifically, on or around May 21, 2019, there were 482,000 attempts by the unauthorized third party to access the Organization?s accounts using these credentials. Most attempts were blocked or denied; however, some credentials were valid and enabled the unauthorized party to access user accounts illegally and without the user’s authorization.