Over 28,000 user records from SANS institute network, a cybersecurity training institute was compromised after one of its employees’ fallen victim for a phishing email. The credentials of his email account were used to access and forward about 518 emails to an external account which contained personally identifiable information of SANS members.
28,000 Records Containing Members Data Breached
SANS is a training institute for cybersecurity and provides certificates based on relevant courses. The institute has disclosed a data breach incident yesterday in its blog, where it discovered in a systematic review of email configurations in their network. Right after detection, it terminated the leaking process to avoid more impact.
It explained that one of its employees has received a phishing email, which led his credentials being overtaken by an unknown attacker. These are eventually used for unauthorised access and install an OAuth Office 365 add-on to his email account and ruled to forward all his incoming emails to an unknown external account. The transmission included about 518 emails containing over 28,000 records of SANS members.
SANS said it’s investigating the issue to know more and would webcast their learnings to the community upon completion. As of now, the initial investigation revealed no other accounts were being compromised of this vector, and the leaked information didn’t contain any sensitive data like credit card numbers or account passwords.
But, those 28,000 records contained the personally identifiable information like the first name and last name, email ID, company name, work title, industry, address, and country of residence. SANS have immediately deployed its instructions for forensic investigation, right after learning the incident. It also claims to informed the affected members about potential attacks.
Other Trending News:- News