On May 4, 2020, an employee was subject to a targeted phishing attack. A malicious email directed the user to a webpage where they were prompted to enter their login credentials. The attackers were able to use the credentials to access the employee?s email account containing the information at issue. The breach was discovered and contained 2 days later on May 6, 2020 by the Organization?s IT Security team. The Organization was unable to confirm whether the contents of the email were accessed.