Phishing attack results in breach at Michigan State University

Oct 28th, 2013 / Category: Email Encryption

Businesses are not the only ones vulnerable to security breaches - even higher education institutions can fall victim to highly sophisticated attacks. The Michigan State University police department recently stated that two employees received an email confirmation asking for their IDs and passwords to change their direct-deposit information. This data was then used to modify the university's HR and payroll system.

The police department indicated that the university believes that there is no evidence to suggest that a system-wide breach occurred. To make sure this remained the case, the system was taken offline from October 18 to the morning of October 21.

Employees are often the reason why organizations experience security breaches in the first place. Many of such incidents are not malicious in nature, but the impact of these events is certainly cause for concern. Secure file sharing tools make sure that any information sent, received or stored is safeguarded against exposure. These solutions are also easy to use so staff members will not have trouble accepting them as standard options for their daily tasks.

Phishing attacks a real problem
Phishing attacks are a popular method used by cybercriminals. In an interview with Ars Technica, a Microsoft spokesperson indicated that attackers are highly sophisticated when it comes to obtaining sensitive information.

"Criminals attempt to victimize our customers in various ways and we've found the vast majority of attacks are through phishing, malware infected machines, and the reuse of passwords on third-party sites - none of which are helped by very long passwords," the spokesperson told the news provider.

If employees fall for phishing emails, companies may find themselves losing business if they cannot protect consumer information. In addition to experiencing hefty compliance fines for exposing customer data, firms can receive public backlash if they fail to safeguard sensitive content.

That is why organizations should do all they can to minimize the potential impact of security attacks. Secure file sharing tools are ideal for corporate environments, which cannot be said for consumer-grade options such as Dropbox. Although these solutions are easy to use, they simply lack the protection of the enterprise options. Firms would be wise to communicate with personnel that they must follow corporate policies to not only keep customer content safe from theft, loss or exposure, but business data as well.