P2021-ND-038

Claire?s Store Inc.

The Organization was switching its in-house accounting/bookkeeping products and needed to migrate data to the new platform. The Organization engaged an individual to provide technical support, believing the individual was associated with the accounting software company. The individual was granted remote computer access and uploaded an accounting file containing the information at issue. The individual was also given the account number for the online bookkeeping account, but was not given the password. Immediately after the file was uploaded, the individual ?demanded a large sum of money in exchange for “fixing” supposed errors with the data?. The Organization contacted the software company and confirmed the individual was not a legitimate employee. No funds were paid to the imposter. However, the imposter is now in possession of the Organization’s accounting information.
? The breach occurred on July 22, 2020 and was discovered the same day.

File Type: pdf
Categories: 2021
Tags: Unauthorized access