Odessa City officials announced late Sunday night that they are investigating a serious data breach believed to have been the result of a “former city attorneys forbidden access to the city of Odessa’s e-mail system after her termination.” City policy requires that the employee’s access to the City’s computer network be removed when that employee is terminated and that did not happen in this case.
The local MRT news outlet quoted the City announcement from Sunday, “accounts assigned to a terminated high-ranking employee have been recently accessed, and sensitive information was transferred” and “an investigation has been launched.” It appears that the former city attorney whose firing was the subject of a contentious council vote last week is the one under suspicion.
Carol Volk, EVP, BullWall had this comment:
“Much effort and expense goes into preventing external attackers from gaining access to sensitive data. What the City of Odessa breach reminds us of is that we must also acknowledge the potential risks posed by insiders. Municipalities and organizations alike must emphasize the importance of implementing strict access controls, regular monitoring, and employee awareness programs to mitigate both internal and external cyber threats effectively. By adopting a comprehensive approach to cybersecurity, organizations can fortify their defenses against a wide range of potential risks and safeguard sensitive information from unauthorized access or compromise.”
Insider threats are on the rise. So that means organizations need account for those threats when they plan out and implement defences to cyberattacks. Because these days you can’t trust anyone.
Like this:
Like Loading...
Related
This entry was posted on July 18, 2023 at 8:48 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Odessa City Pwned By An Insider
Odessa City officials announced late Sunday night that they are investigating a serious data breach believed to have been the result of a “former city attorneys forbidden access to the city of Odessa’s e-mail system after her termination.” City policy requires that the employee’s access to the City’s computer network be removed when that employee is terminated and that did not happen in this case.
The local MRT news outlet quoted the City announcement from Sunday, “accounts assigned to a terminated high-ranking employee have been recently accessed, and sensitive information was transferred” and “an investigation has been launched.” It appears that the former city attorney whose firing was the subject of a contentious council vote last week is the one under suspicion.
Carol Volk, EVP, BullWall had this comment:
“Much effort and expense goes into preventing external attackers from gaining access to sensitive data. What the City of Odessa breach reminds us of is that we must also acknowledge the potential risks posed by insiders. Municipalities and organizations alike must emphasize the importance of implementing strict access controls, regular monitoring, and employee awareness programs to mitigate both internal and external cyber threats effectively. By adopting a comprehensive approach to cybersecurity, organizations can fortify their defenses against a wide range of potential risks and safeguard sensitive information from unauthorized access or compromise.”
Insider threats are on the rise. So that means organizations need account for those threats when they plan out and implement defences to cyberattacks. Because these days you can’t trust anyone.
Share this:
Like this:
Related
This entry was posted on July 18, 2023 at 8:48 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.