Phishing Scheme Gains Entry To Oregon Judicial Department Emails


Aubrey Wieber at the DemocratHerald reported: "A phishing scheme succeeded in breaking into the email accounts of five Oregon Judicial Department employees, exposing personal information of more than 6,000 people.

A forensic team determined that none of the information has been used in an inappropriate way so far.

The attack occurred at 4:30 a.m. July 15. Within three hours, department staff had closed the breach. In the weeks since, the department hired a forensic team to analyze the impacts of the breach.

They found 6,607 people were impacted. Names, birthdates and some financial information were exposed, according to a department news release. In rare cases, health information and social security numbers were exposed.

“We’ve had instances where people forward tax returns in emails,” Acting Deputy State Court Administrator Phil Lemman said. “That’s not something we like them to do but it does happen, and in cases like this it can get exposed.”

Originally a private attorney had their email account hacked

Lemman said originally a private attorney had their email account hacked. The hackers gained access to the attorney’s address book, and sent an email to workers in the state court system. That effort gained entry to a Washington County Circuit Court administrative staffer’s account.

The email was then sent to Judicial Department staff, and five employees took the bait. Lemman said he didn’t know if they clicked a link, but said the five entered their usernames and passwords, which hackers were able to access.

Cyber security software caught the intruder quickly, and one employee alerted the department’s technical support team, Lemman said.

Lemman said that state law requires the department to alert those who had information compromised within 45 days of the attack, but it also requires the department to identify those people and what information was compromised. That’s why the announcement is coming weeks after the attack, Lemman said.

Some of the exposed information belongs to department employees, and some comes from those interacting with the court system. Some of the information deemed “private” by law is also public record, like arrest rosters, he said.

The attackers did not gain access to any of the department’s internal systems.

The department is offering victims of the scheme a year of credit and internet monitoring services, an insurance policy reimbursing them for up to $1 million in potential financial damage and identity theft recovery services.

Lemman said the department is not happy to be added to the list of organizations hit by phishing schemes, but he’s glad it was caught early and the damage was limited."

Will your users respond to phishing emails?

KnowBe4's new Phishing Reply Test (PRT) is a complimentary IT security tool that makes it easy for you to check to see if key users in your organization will reply to a highly targeted phishing attack without clicking on a link. PRT will give you quick insights into how many users will take the bait so you can take action to train your users and better protect your organization from these fraudulent attacks!

Here's how it works:

  • Immediately start your test with your choice of three phishing email reply scenarios
  • Spoof a Sender’s name and email address your users know and trust
  • Phishes for user replies and returns the results to you within minutes
  • Get a PDF emailed to you within 24 hours with the percentage of users that replied
