P2020-ND-165

On June 19, 2020, one of the Organization?s technology service providers was subject to a cyber attack. The attackers gained access to several of the Organization?s environments, including Github and Amazon Web Services (AWS). The attackers obtained internal user credentials which were used to access and download a database containing the information at issue. On July 2, 2020, the Organization was notified by its service provider that the systems had been compromised. On July 11, 2020, the service provider advised the Organization that its data was involved in the incident and records were posted for sale on the dark web. On the same day, the Organization disabled or expired user passwords and began notifying impacted individuals. On October 2, 2020, the Organization reported that law enforcement removed the user records from the attacker?s forum on the dark web.

File Type: pdf
File Size: 609 KB
Categories: 2020