According to a letter of warning sent out recently the Orange County, Calif., branch of the Girl Scouts experienced a data breach. The letter was written by Christina Salcido, who is vice president of mission operations and it was sent out on October 22. The data breach, which is estimated to affect almost 3,000 members, occurred over the course of one day toward the end of September. An unknown third-party attacker was able to gain access to the email gsoctravel@girlscoutsoc.org, which then allowed them to send numerous emails to various strategic locations.

The email account, according to the letter, had access to records that are thought to reach back as far as 2014 and as recently as the beginning of October 2018. The data contained within these records include full legal birth names, home addresses, driver’s license numbers, health history, and even insurance policy numbers. While the breach was only active over the course of a day, the thousands of individuals exposed to potential identity theft makes this a serious event. Compounding the issue is that this affects a large number of minors who are far more vulnerable from the get-go in terms of what society can do to damage them.

In the aftermath of the breach, the Girl Scouts of Orange County notified the attorney general in California of the incident. The letter also stated that the Girl Scouts went through their emails and deleted any that contained personal data. Finally, Christina Salcido stated that the Girl Scouts are beefing up their security by “implementing a secure online system for Troop Travel forms,” as well as other undisclosed security hardening efforts being developed with their IT team.

As a final word of warning, Salcido recommended that all who may have been affected (those that are contacted directly by the Girl Scouts of Orange County) should monitor their financial information and credit score. Additionally, it is recommended that fraud alerts be implemented via contacting credit agencies to ensure the accounts.

Featured image: Shutterstock

Derek Kortepeter

Derek Kortepeter is a graduate of UCLA and tech journalist that is committed to creating an informed society with regards to Information Security. Kortepeter specializes in areas such as penetration testing, cryptography, cyber warfare, and governmental InfoSec policy.

Share
Published by
Derek Kortepeter

Recent Posts

Hardware RAID vs. software RAID: Pros and cons for each

RAID is a technique to virtualize independent disks into arrays for improved performance. Should you…

3 days ago

After the plague: What IT will look like in a post-COVID-19 world

COVID-19 has changed everything, but once it disappears, we will not go back to how…

3 days ago

Solved: Outlook defaults to Microsoft 365 version with Exchange server

An Exchange server with a hybrid connection to Microsoft 365 is usually pretty seamless —…

4 days ago

How chatbots are changing the way teams communicate internally

Chatots are primarily thought of as consumer-facing solutions. They bring life to customer interactions by…

4 days ago

Hakbit ransomware campaign targeting specific European countries

The newly uncovered Hakbit ransomware campaign spread via spear-phishing emails may indicate a shift in…

4 days ago

Credential stuffing: Everything you need to know to avoid being a victim

Credential stuffing is yet another weapon being used by cybercriminals. Here’s what credential stuffing is…

5 days ago