Exploit: Account Takeover
Federal Bureau of Investigation (FBI): Federal Government Agency
Risk to Business: 1.417= Severe
A shocking email security breach at the US Federal Bureau of Investigation (FBI) led to the takeover of a user account. The cybercriminals that accomplished the feat were able to use that compromised email account to send tens of thousands of fraudulent emails warning recipients of impending cyberattacks. Messages reached celebrities like Jay Z and journalists including investigative reporter Brian Krebs. The Bureau later confirmed that its Law Enforcement Enterprise Portal (LEEP) was compromised in a cyberattack Friday. FBI officials were quick to stress the fact that the malicious emails originated from an FBI-operated server that was solely dedicated to pushing notifications for LEEP and not part of the FBI’s corporate email service.
Individual Impact: No consumer PII or financial data loss was disclosed in this breach as of press time.
Customers Impacted: Unknown
How It Could Affect Your Customers’ Business: This incident shows that no organization is immune to a cyberattack, and even the best defenses can fail.
Source: Washington Post