The State Controller of California is the chief financial officer of California, the investigative authority for every dollar spent by the state, and an ex-officio member of the state’s Board of Equalization.

The California State Controller’s Office became the victim of a data breach, caused by a phishing attack, in which the records of 9,000 people were stolen.

The attack became possible when an employee of the State Controller’s Office Unclaimed Property Division clicked on a link received in an email.

The employee then entered a user ID and password as prompted by the email, handing the login details to “an unauthorized user” who was then able to freely access the employee’s account on March 18 and 19.

An employee of the California State Controller’s Office (SCO) Unclaimed Property Division clicked on a link in an email they received and then entered their user ID and password as prompted, unknowingly providing an unauthorized user with access to their email account.

Source

Personal information contained in unclaimed property records was stolen, and the State Controller’s Office also noted that the unauthorized user had sent what appear to be malicious emails to some of the employee’s contacts.

The State Controller’s Office disclosed in its data breach report that the breach was promptly discovered and that anyone who could have been affected by it has been notified.

The SCO press secretary, Jennifer Hanson, declared in an email statement that:

Controller (Betty) Yee would like to take this opportunity to remind everyone that bad actors are using ever-more-convincing methods to gain access to information.
Be cautious clicking on a link or attachment you are not expecting – even if it appears to come from a trusted source. The best course of action is to check with the supposed sender first.

Source

Although the official statement does not treat the breach as extremely dangerous, some cybersecurity researchers believe that it also gave the attacker access to the employee’s Microsoft Office 365 files and to any files that were shared with that account in the network.

Ralph Pisani, the president of a security management platform provider, believes that this is only the beginning, as the attacker managed to stay in the network for 24 hours while having full access to Social Security numbers and sensitive files of thousands of state workers.

Many of the most devastating cyberattacks in history have started with a link to a phishing URL.
A carefully crafted email containing a malicious link can fool even the most security-aware of employees. As soon as it is clicked, the clock begins ticking as hackers move laterally throughout the network to extract as much information as possible.
All of this information was used to send targeted phishing messages to at least 9,000 others and their contacts.

Source

The State Controller of California strongly recommends that the individuals and companies it has contacted carefully monitor their accounts, get in contact with the three credit bureaus, and place a fraud alert on their accounts.