P2021-ND-323

Between April 13 – 21, 2021, one of the Organization?s email accounts was regularly accessed by an unauthorized party, using the correct password. The Organization reported it does not know how the credentials were obtained. The account was used to send an unauthorized email on April 13, 2021 requesting payment of an invoice; the breach was discovered when the email recipient contacted the Organization to verify the request. The Organization reported that the ?unauthorized user had used a mail rule on the account to redirect mail with the relevant subject to the ?RSS Feeds? folder (which commonly exists and is unused, a good place to hide files) and mark them as read.?

File Type: pdf
File Size: 600 KB
Categories: 2021