In recent weeks, an Idaho Transportation Department Division of Motor Vehicles employee email account was compromised through an external phishing attempt.
In early January, ITD learned that an unauthorized individual used a phishing scheme to gain potential access to an employee’s email account. ITD secured the employee’s email account, reported the incident to law enforcement and the Department of Administration, and engaged a leading computer forensic firm to assist the agency.
In this incident, the attack came out of Nigeria and convinced an employee to give up their credentials.
The initial phase of the investigation determined the information of some customers could have been accessed by a third-party. Since that time, no abuse or theft had been reported. The investigation also determined that access was limited to a single employee email box and 89 customer’s potential information. ITD contacted potentially affected customers offering free credit monitoring.
This event is a good reminder that everyone is under constant threat whether at work or at home to this type of event. Think before you click and if you feel something isn’t right in the workplace, reach out to cyber security.
For more information, please contact ITD Communication Manager Vincent Trimboli at 208.334.8817.