Ever get an email and you’re not sure if you should open it? It happens to everyone. Last week, it happened to employees at an Oregon state agency tasked with running their foster care and welfare programs possibly exposing the personal information of thousands.
This data breach happened in January after nine employees clicked on “phishing” emails, which exposed their state email accounts to hackers. Some of the information that may have been exposed: first and last names, addresses, dates of birth, Social Security numbers, case number and other information used to administer DHS programs.
We know what you’re thinking: “Not good.” We couldn’t agree more.
Exploit: Employee phishing scam.
Oregon Department of Human Services (DHS): State agency of Oregon.
Risk to Small Business: 1.888 = Severe: Last Thursday, the Oregon DHS announced that it suffered a data breach after nine employees opened phishing emails and exposed their accounts to hackers. As a result, the social security and personal information of an undecided number of citizens could have been exposed. Along with having to inform the affected individuals, the state’s largest agency will be forced to upgrade security efforts and likely conduct cybersecurity training for employees.
Individual Risk: 2.571 = Moderate: The privacy breach could have included first and last names, addresses, DOBs, SSNs, and case numbers related to DHS programs. State residents should monitor their credit reports for possible payment fraud but will remain at risk.
Customers Impacted: To be determined
How it Could Affect Your Customers’ Business: In the wake of numerous phishing attacks resulting in privacy breaches, organizations storing personal information must take notice and begin protecting individuals. Employee phishing scams are entirely preventable with proper cybersecurity training, which can effectively mitigate the risk of breach. The case and ROI for phishing security solutions becomes intuitive when we consider the potential damages and costs.
Contrast to the Rescue: With our tools, we can simulate phishing attacks and conduct security awareness training campaigns to educate your employees, making them the best defense against cyber crime. Give us a call to get started: 570-966-1515