State Department email breach leaks employee PII
The State Department was hit with an email breach which exposed the personal information of some of its employees.
The agency sent a notice dated Sept. 7 which described the incident as “activity of concern … affecting less than 1% of employee inboxes” adding the breach did not affect the agency’s classified email server, according to Politico.
“Governments and online companies that provide services online must secure all the links in their security chain,” Ryan Wilk, Vice President of Customer Success for NuData Security said. “Bad actors look for the weakest point to access information, so companies have to be extra diligent in keeping their security up to date on all placements.”
Wilk added companies that identify users online, need to devalue the data that bad actors steal and use to misrepresent legitimate users – like they do in account takeover attacks.
He said that personally identifiable information such as names and passwords become valueless to cybercriminals when organization create a new authentication framework that identifies customers by their online behavior instead of relying on credentials.
This will allow them to still recognize the person behind the device or block transactions altogether when fraud is detected. The department did not say whether or not they knew who was behind the breach.
Free Active Directory Assessment
Get Visibility Into Privilege And Service Account Exposure
For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.
Try Our Endpoint Detection Net (EDN) for Free
FAST AND EASY
Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.
ADSecure 90-Day Free Trial
GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY
- Hide and deny access to AD objects
- Get alerted on unauthorized queries
- Attack details easily viewable in dashboard
- Your data remains on-premise