P2021-ND-162

Johnston Group Inc.

The Organization is an employee benefits plan administrator and its client portal allows individuals to submit and track medical claims through their employers? plan. On November 9, 2020, the Organization was subject to a brute-force attack against the Organization?s client portal. The actors were trying to gain access to client accounts by trying to log in with various account names (many of which were invalid). The Organization determined that the login attempts came from a variety of computers around the world. Five accounts were successfully compromised this way and personal information about seven individuals who reside in Alberta was accessed. The attacker is not known.

File Type: pdf
Categories: 2021
Tags: Unauthorized access