Exploit: Phishing
California State Controller: State Government Agency
Risk to Small Business: 2.412 = Severe
A phishing attack last week gave attackers access to email and files at the California State Controller’s Office (SCO). The agency announced that attackers had access to the email records of an employee in its Unclaimed Property Division after the employee clicked a phishing link and then entered their email ID and password.
Individual Risk: 2.309 = Severe
The breach may have led to the exposure of personal and financial data for thousands of state employees. There is also evidence that the account was used to conduct business email compromise scams.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Something as simple as one mishandled email can wreak havoc on your business. No matter how busy you are, training has to be a priority to avoid this consequence.
Source:
https://krebsonsecurity.com/2021/03/phish-leads-to-breach-at-calif-state-controller