State Department email breach leaks employee PII - Attivo Networks
Attivo Networks Blogs

State Department email breach leaks employee PII

SC media logo

The State Department was hit with an email breach which exposed the personal information of some of its employees.

The agency sent a notice dated Sept. 7 which described the incident as “activity of concern … affecting less than 1% of employee inboxes” adding the breach did not affect the agency’s classified email server, according to Politico.

“Governments and online companies that provide services online must secure all the links in their security chain,” Ryan Wilk, Vice President of Customer Success for NuData Security said. “Bad actors look for the weakest point to access information, so companies have to be extra diligent in keeping their security up to date on all placements.”

Wilk added companies that identify users online, need to devalue the data that bad actors steal and use to misrepresent legitimate users – like they do in account takeover attacks.

He said that personally identifiable information such as names and passwords become valueless to cybercriminals when organization create a new authentication framework that identifies customers by their online behavior instead of relying on credentials.

This will allow them to still recognize the person behind the device or block transactions altogether when fraud is detected. The department did not say whether or not they knew who was behind the breach.


Share on:

Free Active Directory Assessment

Get Visibility Into Privilege And Service Account Exposure

For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.

Try Our Endpoint Detection Net (EDN) for Free


Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.

ADSecure 90-Day Free Trial


  • Hide and deny access to AD objects
  • Get alerted on unauthorized queries
  • Attack details easily viewable in dashboard
  • Your data remains on-premise


Ready to find out what’s lurking in your network?

Scroll to Top