Cybersecurity Training Company SANS Hit by Phishing Attack

/in /by

The cybersecurity training company SANS has fallen victim to a data breach. The attack started after a successful phishing scam against one of SANS employees. The breach compromised over 28,000 records of personal identifiable information, like names, emails, phone numbers, and addresses. No sensitive information like credit card info or login credentials were exposed.

The cybersecurity training company detected the breach during a systematic review of its email configuration. Where they found that 513 emails were forwarded to an unknown email address. This means that the company did not even know there was a breach until they found it on accident. “After finding the activity, SANS said it’s IT and security team deleted the forwarding rule as well as a malicious O365 add-in”. This breach is surprising for a company like SANS, whose employees should be very informed and alert to phishing scams.

This incident shows that no organization is immune from a cyberattack, even companies that specialize in the information security industry. Phishing attacks rely on human error which is what makes social engineering attacks so dangerous to organizations. If an employee at a cybersecurity training company can fall victim, then so can anyone else.

Many employees are working from home which can make it hard to conduct the cybersecurity training necessary.

”With remote working, the proper training is more essential than ever. In the case of phishing attacks, training should include phishing simulations where employees are taught how to respond to suspicious emails.”

Even with extensive employee training, training just isn’t enough.

Protect your business with a cybersecurity solution

With today’s increased risk of a phishing scam it is important to have cybersecurity that will protect your network and information immediately when faced with a threat. Your business has a greater chance now than ever to be targeted for a phishing scam or worse. Ostra Cyber Security provides active defense protection for your businesses’ data and acts immediately instead of monitoring and alerting as many antiviruses do.

Ostra protects your company from all threats including the number one way attacks can happen; email.

Want to find out more? Contact us today at protection@ostra.net

News Article

You might also like
Twitter Could Pay $250 Million for Using Private Information for Advertising
When It Comes To Cyber Training, It’s Quality Over Quantity
With cyberattacks up during COVID-19, Ostra offers free cybersecurity solution for local businesses
Ostra-legislation-security-standards-998x681px House Passes Legislation To Set Internet Of Things Security Standards
Tesla Employee Prevents Massive Ransomware Attack
Hackers are Selling Your Data to the Highest Bidder

Contact

Ostra Cybersecurity, Inc.
6101 Baker Rd
Suite 202
Minnetonka, MN 55345

contact@ostra.net    (866) 336-7872

Subscribe to our Newsletter

Get Social