[BreachExchange] Secret Service investigating hack of Atlanta Public Schools' employee paychecks

Destry Winant destry at riskbasedsecurity.com
Thu Oct 5 00:23:29 EDT 2017


http://www.11alive.com/news/education/officials-atlanta-public-schools-data-breach-could-impact-all-employees/480653956

The Secret Service and Georgia Bureau of Investigation have been
brought in to investigate a "phishing" scam that targeted Atlanta
Public Schools employees. Now there's fear that even more were
impacted than first thought.

The trick, known commonly as phishing involves creating a clone of an
official website to trick victims into sharing private data.

Officials believe it was this exact type of scam that targeted
Atlanta's vast school system and resulted in a data breach. At first,
school authorities believed that internet thieves lured about 40
unsuspecting employees into clicking on a fake link through the scam.
That was how they gained the information needed to redirect employees'
direct deposit to accounts set up by the thieves.

On Tuesday, however, that estimate was expanded to the entire school
system with fears that all employees could have at least some
information exposed.

"Unfortunately, it is impossible for the district to see what the
thieves actually accessed at this time, but it is apparent that the
breach extends beyond the original employees whose direct deposit was
impacted," the school said in a press release.

Now, top district officials are working with the Secret Service to
learn more about the breach and add security measures might prevent
another one in the future.


More information about the BreachExchange mailing list