P2021-ND-193

Mosaic Primary Care Network

On October 17, 2020, a shared administrative user account was used to gain unauthorized access to the Organization?s Office 365 SharePoint site (and linked files). An audit log review revealed that the threat actor accessed, viewed, and downloaded files, and uploaded a file (an image file ? ransomware.jpg) from/to the Organization?s SharePoint site. User accounts were also removed from the site. The breach was discovered on October 17, 2020.

File Type: pdf
Categories: 2021
Tags: Unauthorized access