All names and details have been withheld to protect identities
An FSB member reached out to the FSB Cyber Protection helpline looking for assistance following an incident in which an email account had been hacked, allowing the attacker to access a significant amount of HR information.
The incident had occurred following a migration of the HR departments systems from on premises to the cloud and ported to Office 365. Some of these systems had weak passwords attributed to them which had never been intended to be assigned to accounts accessible off premises, and exploiting this had allowed the attacker to gain access. They had specific questions around the forensic abilities that Office 365 had in order to understand the extent of the attack.
What did FBS Cyber Protection do?
Our helpline informed the member that Office 365 does have event logging capabilities, and advised them to reach out to Microsoft Support to ensure that this had been enabled on the account.
We advised the member to change all passwords attached to the account and enable two factor authentication to ensure that future incidents can be mitigated.
What was the outcome?
FSB Cyber Protection armed the member with all the necessary advice and expertise necessary to enforce preventative measures against similar attacks going forward, including changing passwords, enabling two factor authentication and performing a full audit of accounts.
If you’re concerned about your email security, you can read our guide to protecting yourself against phishing scams.