It’s big news when one of the largest organisations in the world offering IT certifications and security training gets hacked, and that is what happened when an employee of the SANS Institute recently fell victim to a phishing attack.
The hacker configured a rule to auto-forward emails from the hacked account. This led to an unknown third party receiving 28000 records of personally identifiable information. These types of rules are a common tactic among hackers, so we are updating our security recommendations.
We recommend blocking the creation of these auto-forward rules. Once the block is enabled, neither you nor an attacker will be able to create a rule that automatically forwards email to an address outside your organisation, but you can still manually forward emails as needed.
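The following is an added example, not part of the original article: one way to audit an export of mailbox rules for auto-forwards that leave the organisation, which is worth doing before the block goes in. The export format, field names, and domains are constructed assumptions, not any mail platform's real schema.

```python
from email.utils import parseaddr

# Assumption: the organisation's own mail domains (constructed values).
INTERNAL_DOMAINS = {"example.org", "example.co.uk"}
# Rule actions that send mail onward without the user doing anything.
FORWARDING_ACTIONS = {"forward", "forward_as_attachment", "redirect"}

# Constructed sample export; the field names are hypothetical.
SAMPLE_RULES = [
    {"mailbox": "alice@example.org", "name": "Newsletters", "enabled": True,
     "actions": [{"type": "move", "target": "Reading"}]},
    {"mailbox": "bob@example.org", "name": "To team inbox", "enabled": True,
     "actions": [{"type": "forward",
                  "recipients": ["Bob <bob@mail.example.org>"]}]},
    {"mailbox": "carol@example.org", "name": ".", "enabled": True,
     "actions": [{"type": "forward",
                  "recipients": ["archive@example.org.mailbox.test"]}]},
    {"mailbox": "dave@example.co.uk", "name": "Backup", "enabled": False,
     "actions": [{"type": "redirect",
                  "recipients": ["dave@example.co.uk",
                                 "dave.backup@external.test"]}]},
]

def is_internal(address, internal_domains=INTERNAL_DOMAINS):
    """True only if the domain is one of ours or a subdomain of one."""
    _, addr = parseaddr(address)  # strips any display name
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    if not domain:
        return False  # unparseable recipient: treat as external
    # Exact or dot-bounded suffix match, so "example.org.mailbox.test"
    # does not pass as internal just because it starts with our domain.
    return any(domain == d or domain.endswith("." + d)
               for d in internal_domains)

def external_forwarding_rules(rules, internal_domains=INTERNAL_DOMAINS):
    """Return one finding per rule action that forwards outside the org."""
    findings = []
    for rule in rules:
        for action in rule.get("actions", []):
            if action.get("type") not in FORWARDING_ACTIONS:
                continue
            outside = [r for r in action.get("recipients", [])
                       if not is_internal(r, internal_domains)]
            if outside:
                # Disabled rules are reported too: they can be re-enabled.
                findings.append({"mailbox": rule["mailbox"],
                                 "rule": rule["name"],
                                 "enabled": rule.get("enabled", True),
                                 "external_recipients": outside})
    return findings

if __name__ == "__main__":
    for finding in external_forwarding_rules(SAMPLE_RULES):
        print(finding)
```
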
If you are participating in a Quarterly Business Review process, you are already protected against this type of rule. If you’re not yet meeting with us regularly and you would like to get more value out of CCP, contact us about starting a QBR process, where we create a plan to achieve your goals faster.
For your reference, their data breach notification is a textbook example of what you are legally required to do when you get hacked. Check it out here.