P2021-ND-066

Rifco National Auto Finance

On January 10, 2017, an email was sent to the Organization’s IT Manager claiming to be from the Organization’s Human Resource Manager. On January 12, 2017, the hackers sent a bogus email containing instructions about a ?new password? to employees of the Organization. One employee acted on the instructions, which led to the compromise. The incident was discovered on January 17, 2017 when the hackers sent screenshots of human resource documents and the Organization’s payroll system to the Organization. The perpetrators demanded a ransom.

File Type: pdf
Categories: 2021
Tags: Unauthorized disclosure