Security training body Sans Institute hit by data breach

The Sans Institute, a provider of cyber security training and certification services, has shown that even security professionals are not immune to compromise, after losing approximately 28,000 items of personally identifiable information (PII) in a data breach that occurred after a single staff member fell victim to a phishing attack.

The organisation, which has established a reputation as one of the most important sources of security training in the world, uncovered the leak on 6 August 2020, when it was conducting a systematic review of its email configuration and rules.

During this process, its IT team spotted a suspicious forwarding rule and a malicious Microsoft Office 365 add-in that together were able to forward 513 emails from a specific individual’s account to an unknown external email address before being detected.

In its disclosure, the organisation said: "We have identified a single phishing email as the vector of the attack. As a result of the email, a single employee’s email account was affected. Aside from the affected user, we currently believe that no other accounts or systems at Sans were compromised."

Point3 Security strategy vice-president, Chloé Messdaghi, said: "The takeaway is that we all need to stay aware and humble – if a phishing attack can snag someone at the Sans Institute, it can happen to any of us who let our guard down."

Full article on https://nationalcybersecuritynews.today/security-training-body-sans-institute-hit-by-data-breach-education-computertraining/

#sans #cybersecurity #training #phishing #yokdata #blog