On August 1, 2022, an internal active directory contact list with details of the Organization’s workers and business partners was posted on an underground hacking community channel within the messaging platform, Telegram. The information was then reposted on August 4, 2022, on a different channel on the Telegram platform. The Organization learned of these postings on August 11, 2022. The attacker obtained access to the credentials of a service account (i.e., an account provisioned for internal automated services, not an account belonging to a specific individual). The Organization continues to investigate how the attacker gained access to this account. The Organization reported it is currently unaware of any actual misuse of this information.
P2022-ND-053
File Type:
pdf
File Size:
622 KB
Categories:
2022