Cyber attackers appear to have accessed personal data on 182 injured employees, North Dakota’s department of Workforce Safety & Insurance (WSI) announced Friday, Aug. 19.
The incident occurred on June 28, when a WSI employee opened a malicious email attachment. The successful phishing attempt let attackers access information in the recipient’s emails and voicemails.
Those messages included personal details related to processing 182 individuals’ injured employee claims, and the agency reached out to notify the affected individuals, WSI said in an FAQ about the incident.
The state was able to detect the incident in time to contain the damage.
After opening the malicious attachment, the WSI employee detected “unusual activity” on their computer and informed the WSI Help Desk. Their computer was then “secured and removed from the state network,” and WSI connected with the North Dakota Information Technology (NDIT) Cyber Analysis and Response team, which conducted a forensic analysis of the impacted device, WSI said.
NDIT determined that the rest of the state network was spared from the attack, which did not spread beyond the initial computer.
WSI said it is offering impacted employees 12 months of identity theft protection, fully managed identity theft recovery services and a $1 million insurance reimbursement policy for identity theft losses. Data breach and recovery services firm IDX is providing these services.
