P2021-ND-243

On April 5, 2021, the Organization learned of suspicious activity on its network. The Organization investigated and found a small number of instances where fraudsters were bypassing two-factor authentication (2FA) by chatting with agents, posing as customers and requesting that account telephone numbers be changed. In most cases, the fraudster was able to supply the original telephone number on the account, as well as the customer?s email address and, in some cases, a delivery address. It is likely that the fraudster obtained this information from breaches that occurred on other websites, outside of the Organization?s environment. After changing account telephone numbers, fraudsters were able to gain access to the accounts. The incidents occurred from August 2020 to March 2021, with the majority occurring in March 2021.

File Type: pdf
File Size: 617 KB
Categories: 2021