Modernizing Authentication — What It Takes to Transform Secure Access
Bloomberg's Silla Brush reports that the U.S. Commodity Futures Trading Commission (CFTC) was hit by a data breach last month that provided attackers with access to sensitive information on CFTC employees.
"A CFTC employee received a 'phishing' e-mail on May 21 and input information to a fraudulent website, according to a copy of an e-mail sent to agency employees that described the incident," Brush writes. "A third party was then able to illegally enter the employee’s account, which had access to personnel information, according to the agency’s description of the incident."
"The hijacked email account contained emails and attachments with the names, Social Security numbers and other personal data belonging to CFTC employees, according to the agency's account of the event," writes SC Magazine's Marcos Colon. "An agency spokesman said the compromised information did not include any trading or market data."
"The CFTC has about 700 employees and regulates commodity futures and options markets in the US," Infosecurity reports.
"As has become routine in situations like these, the CFTC claims it will bolster its security and contract a credit monitoring company to offer identity protection for affected employees," writes Threatpost's Christopher Brook. "The CTFC has said it will also offer training for its employees, especially those who handle personal information, in hopes of preventing any similar incidents from happening again in the future."