The Cybercrime Division in North Carolina is currently investigating a recent cyberattack on a vendor-managed system that occurred in May. The attack was discovered when the NC SBI agency network received an email alerting them to the breach, following prior warnings of compromised security.
Angie Grube from the SBI assured that no personal information was accessed during the breach, which occurred when data on a server was encrypted. The incident was limited to the vendor-managed system, and immediate action was taken to resolve the issue and secure the affected system. Fortunately, the breach did not extend to other systems managed by the SBI, safeguarding the overall security of their operations.
Maintaining the security and privacy of sensitive information is a top priority for the SBI, and ongoing efforts are being made to enhance security measures to prevent future incidents. Despite the breach, no Personally Identifiable Information (PII) was exposed during the attack.
In a separate incident earlier in the year, a Raleigh man filed a lawsuit against Advance Auto Parts after a data breach was announced. This was just one of five major cyberattacks in 2024 that impacted individuals in the area, including AT&T, Ticketmaster, CDK, and the Town of Apex.
Cyber security expert Darren Mott suggested that the breach may have originated from a supply chain issue, affecting the software and hardware essential for network functioning. Concerns were raised about whether personal data held by law enforcement agencies, like the SBI, was compromised in the attack. While law enforcement agencies are often targeted due to limited resources for network security, the SBI confirmed that none of their other systems were compromised in the breach.
Source link
