Oregon DHS Hit By Monumental Phishing Attack, Compromising 645,000 Accounts

By   ISBuzz Team
Writer , Information Security Buzz | Jun 25, 2019 03:11 pm PST

Fox News has released the article, regarding a recent phishing email breach at Oregon DHS, compromising approximately 645,000 accounts. 

  • The email was sent to Oregon’s DHS employees on Jan. 8, 2019. Nine employees opened the email and clicked on a link that allowed the sender to access their email accounts. 
  • The result was exposed data – contained mostly in email attachments – that included names, addresses, dates of birth, Social Security numbers, case numbers, personal health information and other information used in DHS programs, the department said. 


Expert Comments: 

Craig Cooper, COO at Gurucul:

isbuzz expert 2“This incident shows how far we have to go before we can eradicate phishing threats. Cybersecurity training for employees is still nowhere near where it should be; It is often said that humans are the weakest link in the security chain. People are susceptible to phishing because these attacks exploit basic human nature, like curiosity and pride. Organisations would be wise to ensure that their users know about the potential dangers of clicking links and opening attachments in emails.

Beyond user training, however, organisations should also monitor user and entity behavior to identify anomalous and suspicious actions. Machine learning algorithms can compare current behaviour to previously baselined behaviourBehaviour analytics provides the data to identify trends and spot outliers so that you can quickly remediate threats. The behaviour is the tell and, in this case, the behavior of the compromised account would be suspicious and therefore have been flagged as risky and anomalous by behavioural analytics software.”