P2021-ND-128

On or about June 2, 2020, attackers gained unauthorized access to an employee?s email mailbox as a result of a phishing email that the employee responded to, providing credentials. While accessing the account, the perpetrators emailed four other employees, making a fraudulent plea for funds. The attack was unsuccessful and immediately aroused suspicion. The unauthorized access was terminated June 4, 2020. The Organization?s investigation confirmed access to five (5) emails within the compromised account, containing personal information of 22 individuals. The Organization confirmed that the attacker did not forward any emails or create any forwarding rules for the employee?s inbox. The investigation found no evidence of malware and that the attacker did not gain access to computer systems.

File Type: pdf
File Size: 617 KB
Categories: 2021