Ostra Cybersecurity

Cybersecurity Training Company SANS Hit by Phishing Attack

/in /by

The cybersecurity training company SANS has fallen victim to a data breach. The attack started after a successful phishing scam against one of SANS employees. The breach compromised over 28,000 records of personal identifiable information, like names, emails, phone numbers, and addresses. No sensitive information like credit card info or login credentials were exposed.

The cybersecurity training company detected the breach during a systematic review of its email configuration. Where they found that 513 emails were forwarded to an unknown email address. This means that the company did not even know there was a breach until they found it on accident. “After finding the activity, SANS said it’s IT and security team deleted the forwarding rule as well as a malicious O365 add-in”. This breach is surprising for a company like SANS, whose employees should be very informed and alert to phishing scams.

This incident shows that no organization is immune from a cyberattack, even companies that specialize in the information security industry. Phishing attacks rely on human error which is what makes social engineering attacks so dangerous to organizations. If an employee at a cybersecurity training company can fall victim, then so can anyone else.

Many employees are working from home which can make it hard to conduct the cybersecurity training necessary.

”With remote working, the proper training is more essential than ever. In the case of phishing attacks, training should include phishing simulations where employees are taught how to respond to suspicious emails.”

Even with extensive employee training, training just isn’t enough.

Protect your business with a cybersecurity solution

With today’s increased risk of a phishing scam it is important to have cybersecurity that will protect your network and information immediately when faced with a threat. Your business has a greater chance now than ever to be targeted for a phishing scam or worse. Ostra Cyber Security provides active defense protection for your businesses’ data and acts immediately instead of monitoring and alerting as many antiviruses do.

Ostra protects your company from all threats including the number one way attacks can happen; email.

Want to find out more? Contact us today at protection@ostra.net

News Article

You might also like
“Who Can You Trust” – A Hacks and Hops Session Recap
Ostra-cybersecurity-in-education-998x681pxThe Challenge of Cybersecurity Education at Colleges
Ostra Company NewsPRESS RELEASE: Ostra Cybersecurity Secures Capital to Bring Fortune 100-Caliber Protection to Small and Mid-Sized Businesses
title slideFireside Chat: Building Your Community in the Cyber Wild
Ostra-largest-medical-cyberattack-998x681pxLargest Medical Cyberattack in US History?
Travel Management Firm CWT Pays $4.5 Million to Hackers

Ostra Cybersecurity, Inc.
6101 Baker Rd, Suite 202
Minnetonka, MN 55345
contact@ostra.net
(866) 336-7872

Access our Partner Portal
Subscribe to Our Newsletter
Twitter Could Pay $250 Million for Using Private Information for Advertisin...Cloud Service Costs Rise During Pandemic