Cyber Incident Victim: The Home for the Little Wanderers
Date:
Nov 2020
Location:
United States of America
Summary
Unauthorized access to employee email accounts occurred over a period spanning several weeks, impacting data security at a Massachusetts-based organization. The breach was detected following unusual activity, prompting an investigation with third-party forensic experts that confirmed unauthorized access but could not confirm whether any emails or attachments were viewed. A comprehensive review of affected accounts is ongoing to identify potentially exposed personal information. Notification letters are being sent to impacted individuals as they are identified, advising vigilance against identity theft and fraud. The organization is reviewing and enhancing its security policies and safeguards to prevent future incidents.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
The Home for Little Wanderers detected unusual activity within an employee's email account on or around December 28, 2020. The organization promptly initiated an investigation with assistance from third-party forensic specialists to assess the nature and scope of the incident. Forensic analysis confirmed unauthorized access to certain email accounts occurred between November 10, 2020, and December 31, 2020. Investigators could not determine whether any emails or attachments within the compromised accounts were viewed by unauthorized parties. As a precautionary measure, The Home launched an extensive review of the affected email accounts to identify any personal information contained within them and determine which individuals might be impacted. This review remained ongoing at the time of the organization's public notification on February 26, 2021. The Home proceeded with notification efforts despite the incomplete review based on the expectation that personal information would be found within the accessed accounts.
On February 26, 2021, The Home began mailing notification letters to affected individuals for whom mailing addresses were available, with plans to continue notifications as additional impacted parties were identified through the ongoing account review. The notifications advised recipients to monitor financial accounts, credit reports, and insurance statements for suspicious activity and provided contact information for the three major credit bureaus. Specific instructions were included for obtaining free credit reports and placing fraud alerts or security freezes. The notice also listed resources such as the Federal Trade Commission's identity theft website and hotline, along with guidance to report suspected identity theft to law enforcement or state attorneys general. Concurrently, The Home announced it was reviewing existing security policies and evaluating additional safeguards to prevent similar incidents in the future. No specific details regarding the number of affected individuals, types of compromised data, or technical aspects of the attack were disclosed in the public notification.