P2021-ND-122

On June 17, 2021, the Organization was victim to a phishing attack when an employee opened a malicious email attachment. After the initial breach, the attackers installed additional tools to propagate their attack. The incident was discovered 68 days later on August 24, 2020 when abnormal CPU utilization was detected on a database server. For the following 5 days, the Organization analyzed the breach and eliminated the attackers? access, effective August 29, 2020. The Organization?s investigation determined that the attackers accessed and ran searches in a customer database.

File Type: pdf
File Size: 616 KB
Categories: 2021