Total Tests:

SANS Institute breach proves anyone can fall victim to a ‘consent phishing’ scam

By Bradley Barth for SC Media
Friday, August 14, 2020

The SANS Institute is attributing a data breach that exposed roughly 28,000 records containing personally identifiable information to a malicious Office 365 add-on, which caused an employee’s email account to automatically forward emails to an attacker’s address.

The company also came under criticism for how one email account resulted in the compromise of nearly 30,000 records. “The breach of one single email… should not lead to such a significant exposure of PII data, even if it’s a drop in the ocean of disclosed data breaches from the last 18 months,” said Ilia Kolochenko, founder and CEO of ImmuniWeb.

For the moment, it’s not clear as to the organizational role of the SANS Institute employee who was phished. Read Full Article


Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential