P2021-ND-271

The Commonwell Mutual Insurance Group

On March 3, 2021, the Organization became aware that an unauthorized third party had gained access to its IT system on February 24, 2021. The Organization reported that the unauthorized third party was able to gain access to elevated privileges and launch Cobalt Strike. Some registries were modified and suspicious files were created on the system. On March 26, 2021, the Organization learned that certain personal information may have been exfiltrated. All internal systems were operational and there was no encryption of data or interruption of services. The Organization reported the ?root cause of the incident could not be determined, but the unauthorized third party likely gained access to the ? environment via VPN connection.?

File Type: pdf
Categories: 2021
Tags: Unauthorized access