Fox News has released the article, regarding a recent phishing email breach at Oregon DHS, compromising approximately 645,000 accounts.
- The email was sent to Oregon’s DHS employees on Jan. 8, 2019. Nine employees opened the email and clicked on a link that allowed the sender to access their email accounts.
- The result was exposed data – contained mostly in email attachments – that included names, addresses, dates of birth, Social Security numbers, case numbers, personal health information and other information used in DHS programs, the department said.
https://twitter.com/StateStatus_OR/status/1143234936482226178
Expert Comments:
Craig Cooper, COO at Gurucul:
Beyond user training, however, organisations should also monitor user and entity behavior to identify anomalous and suspicious actions. Machine learning algorithms can compare current behaviour to previously baselined behaviour. Behaviour analytics provides the data to identify trends and spot outliers so that you can quickly remediate threats. The behaviour is the tell and, in this case, the behavior of the compromised account would be suspicious and therefore have been flagged as risky and anomalous by behavioural analytics software.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.