The Minnesota Department of Human Resources has suffered a data breach. Reports from yesterday state that an employee of their department fell for a phishing email that gave the attacker access to the employee’s state email account. The account had access to the information of families and people that the department had assisted. The attacker used the account to send out spam emails to contacts on his address book, but the email contents were not released. The department did not know exactly what type of data the attacker accessed or if any data was leaked. The account had access to social security numbers, driver’s license numbers, names, dates of birth and phone numbers. The account has since been secured and they are investigating the breach. Last year, the same department had the information of 21,000 clients stolen. This department provides services to some of Minnesota’s most vulnerable populations, leaving them exposed if this demographic gets compromised.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased