Calif. Controller's Office Breached in Spear Phishing Attack

The breach came after an employee in the office's Unclaimed Property Division was targeted by a "spear phishing" attack. The office is notifying 9,192 people whose information might have been accessed.

(TNS) — A hacker accessed personal identifying information of up to about 9,000 people in California last week, according to the State Controller's Office.

The breach came after an employee in the office's Unclaimed Property Division was targeted by a "spear phishing" attack Thursday, said Jennifer Hanson, a spokeswoman for the office.
 
The division safeguards about $10 billion worth of lost or forgotten properties, including money in bank accounts, stocks, bonds, never-cashed checks, insurance benefits, wages and safe deposit box contents.
 
The office is notifying 9,192 people with unclaimed property whose information might have been accessed, and has contacted about 9,000 people in the employee's contacts list, some of whom received emails from the account during the time it was hacked, Hanson said. "The unauthorized user did have access to information that could help someone submit a claim for unclaimed property," Hanson said in an email. "However, in most cases it would not be enough information for them to complete a claim."
 
The office has put in place additional security measures to protect the property of the people who were affected by the breach, she said. The hacker sent the employee an email that looked like it came from an organization the employee had conducted business with on behalf of the state in the past, she said. The unauthorized user had access to the email from Thursday afternoon to Friday afternoon, according to a notification on the Controller's Office web site.
 
The office's IT security team was able to determine that none of the employee's files outside their email were accessed, Hanson said. The office is telling the people it contacts about the breach to monitor their accounts and to request that credit bureaus place fraud alerts on their accounts.
 
"Controller (Betty) Yee would like to take this opportunity to remind everyone that bad actors are using ever-more-convincing methods to gain access to information," Hanson said in an emailed statement. "Be cautious clicking on a link or attachment you are not expecting — even if it appears to come from a trusted source. The best course of action is to check with the supposed sender first."
 
©2021 The Sacramento Bee, Distributed by Tribune Content Agency, LLC.