P2023-ND-007

On November 3, 2022, the Organization “became aware of a potential IT issue.” On November 4, 2022, the Organization determined it was victim to a ransomware attack when “multiple … systems were encrypted by an unauthorized third party.” An investigation “determined that an unauthorized third party was first able to access [the Organization’s] network on October 14, 2022 when [an] employee downloaded and executed a file sent to the individual in connection with a phishing attempt.”

File Type: pdf
File Size: 783 KB
Categories: 2023