The California State Controller’s Office experienced a data breach on March 20. The office made this public in a news alert. According to the alert, the breach was caused by an employee responding to a phishing email. The employee, who was part of the California State Controller’s Office (SCO) Unclaimed Property Division, clicked a malicious link in the phishing email and then entered their ID and password. As one might guess, threat actors were able to gain privileged access to the State Controller’s network and subsequent databases as a result.
The hacker had access to the system from March 18 to March 19. According to the news update, the attacker gained access to “personal identifying information contained in Unclaimed Property Holder Reports” and also “sent potentially malicious emails to some of the SCO employee’s contacts.”
Following the breach, the access was removed and an investigation was launched. The State Controller’s Office immediately sent out messages to any potential targets instructing them to delete any suspicious emails and monitor accounts. In the news alert, links to the three credit bureaus (Experian, TransUnion, and Equifax) were given. The SCO states that all affected by the breach should contact the agencies in question and place fraud alerts on accounts.
While this breach could have been worse considering the data handled by the SCO (such as payroll and state accounting), it is a lesson in basic security protocols. Every governmental agency, corporation, and any other potential target should invest in training employees on how to defend against cyberattacks. Time and time again, we hear of data breaches and other incidents caused by lapses in judgment. This is what cybercriminals count on, and until everyone is properly informed on how to recognize their tactics, these incidents will continue to occur.
You can have the best physical and network defenses money can buy, yet human error can render all of it useless. Education on information security is a vital component of any cyber-defense strategy.