A phishing attack last week gave attackers access to email and files at the California State Controller’s Office (SCO), an agency responsible for handling more than $100 billion in public funds each year. The phishers had access for more than 24 hours, and sources tell KrebsOnSecurity the intruders used that time to steal Social Security numbers and sensitive files on thousands of state workers, and to send targeted phishing messages to at least 9,000 other workers and their contacts.
A notice of breach posted by the California State Controller’s Office.
In a “Notice of Data Breach” message posted on Saturday, Mar. 20, the Controller’s Office said that for more than 24 hours starting on the afternoon of March 18 attackers had access to the email records of an employee in its Unclaimed Property Division after the employee clicked a phishing link and then entered their email ID and password.
“The SCO has reason to believe the compromised email account had personal identifying information contained in Unclaimed Property Holder Reports,” the agency said, urging state employees contacted by the agency to place fraud alerts on their credit files with the major consumer bureaus. “The unauthorized user also sent potentially malicious emails to some of the SCO employee’s contacts.”
The SCO responded in an email that no state employee data was compromised.
“A single employee email account was briefly compromised by a spear phishing attack and promptly disabled,” SCO spokesperson Jennifer Hanson said. “SCO has notified the employee’s contacts who may have receive ..
Support the originator by clicking the read the rest link below.
