Hackers Make a Withdrawal: Over 150,000 Treasury Emails Compromised!
Unknown attackers accessed over 150,000 emails from the Treasury’s Office of the Comptroller of the Currency (OCC) in June 2023. While initially downplayed, sources revealed the breach was more extensive than reported. It involved an email system administrator’s account, allowing the hackers to monitor communications far beyond the limited accounts initially disclosed.
Hot Take:
Well, it looks like the Treasury’s Office of the Comptroller of the Currency (OCC) had a little more excitement in their inbox than they bargained for! When cyber attackers start treating emails like an all-you-can-read buffet, it’s time to rethink those digital locks. Maybe next time, they’ll consider a password stronger than “123456” or “password”, because clearly, someone was playing peekaboo with their emails!
Key Points:
- Cyber attackers accessed over 150,000 emails from the OCC after breaching an email system administrator’s account.
- The OCC initially reported a limited impact, but investigations revealed more accounts were compromised, affecting around 100 bank regulators’ emails.
- The breach was reported to the U.S. Cybersecurity and Infrastructure Security Agency as a cybersecurity incident.
- Silk Typhoon, a Chinese state-backed hacking group, linked to a separate breach using a stolen API key to compromise a BeyondTrust instance.
- The OCC’s incident is among a series of cyber attacks targeting the Treasury Department in recent years.