It came to light yesterday, through a suit filed in federal court, that the email account of an Aspire Health employee was hacked this month, which led to 124 emails being forwarded outside the organization to a Gmail account. Aspire Health has not publicly disclosed the content of those emails, but no doubt some contained protected health information. The suit has been filed against the unknown hacker, and Google is being subpoenaed to provide identifying information about the Eastern European attacker.

Forrest Sanders sought out Don Baham, President of Kraft Technology Group, to provide his perspective on the incident.  “Unfortunately, yes, it’s becoming commonplace,” said Don Baham of KTG. “Certain individuals may be targeted or it may just be a blanket approach, seeing how many folks inside a company they can get to click on a link or enter credentials and find out more insider information about that company. If this person has access to intellectual property or financial information, it could be a huge risk to a company.”  Read the full story on WSMV Channel 4 Nashville here.

Here are four actions your business can take now to prevent this same type of phishing attack from being successful against one of your employees:

  1. Make sure you are using modern authentication in Office 365
  2. Enable two-factor authentication (multi-factor authentication) in Office 365 using the Microsoft Authenticator app or other third-party apps
  3. Block access to your Office 365 tenant based on the country using conditional access policies
  4. Disable auto-forward rules for remote domains in Exchange Admin Center in Office 365
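For action 4, the same setting can be applied from Exchange Online PowerShell, and existing inbox rules can be checked for external forwarding of the kind seen in this incident. The script below is an added example, not part of the original article: the function name `Get-ExternalForwardTarget`, the `$Live` switch, and the sample rules and domains are constructed for illustration, and the live section assumes an admin session with the ExchangeOnlineManagement module.

```powershell
# Added example (not from the original article). Sample rules are constructed.
$Live = $false   # set to $true in a session with the ExchangeOnlineManagement module

function Get-ExternalForwardTarget {
    param(
        [Parameter(Mandatory)] [object[]] $Rule,            # shaped like Get-InboxRule output
        [Parameter(Mandatory)] [string[]] $InternalDomain   # the tenant's accepted domains
    )
    foreach ($r in $Rule) {
        # Forward, forward-as-attachment and redirect all send mail out automatically.
        $targets = @($r.ForwardTo) + @($r.ForwardAsAttachmentTo) + @($r.RedirectTo)
        foreach ($t in $targets) {
            if ([string]$t -match 'SMTP:[^\]\s@]+@([^\]\s]+)') {
                $domain = $Matches[1].ToLowerInvariant()
                if ($InternalDomain -notcontains $domain) {
                    [pscustomobject]@{
                        Mailbox = $r.MailboxOwnerId; Rule = $r.Name
                        Target  = [string]$t;        Domain = $domain
                    }
                }
            }
        }
    }
}

if (-not $Live) {
    # Constructed sample: one internal forward (ignored), one external redirect (reported).
    $sample = @(
        [pscustomobject]@{ MailboxOwnerId = 'alice'; Name = 'To Bob'
            ForwardTo = @('"Bob" [SMTP:bob@contoso.example]'); ForwardAsAttachmentTo = $null; RedirectTo = $null }
        [pscustomobject]@{ MailboxOwnerId = 'carol'; Name = '.'
            ForwardTo = $null; ForwardAsAttachmentTo = $null; RedirectTo = @('"x" [SMTP:drop@mailbox.example]') }
    )
    Get-ExternalForwardTarget -Rule $sample -InternalDomain 'contoso.example'
}
else {
    Connect-ExchangeOnline
    # Action 4: stop automatic forwarding to every domain covered by the default remote domain.
    Set-RemoteDomain -Identity Default -AutoForwardEnabled $false
    $internal = (Get-AcceptedDomain).DomainName | ForEach-Object { "$_" }
    $boxes    = Get-Mailbox -ResultSize Unlimited
    $rules    = $boxes | ForEach-Object { Get-InboxRule -Mailbox $_.PrimarySmtpAddress }
    if ($rules) { Get-ExternalForwardTarget -Rule $rules -InternalDomain $internal }
    # Mailbox-level forwarding is stored separately from inbox rules.
    $boxes | Where-Object ForwardingSmtpAddress | Select-Object PrimarySmtpAddress, ForwardingSmtpAddress
}
```

Any rule or mailbox the live section reports should be reviewed with the mailbox owner, since a forwarding rule created by an attacker stays in place after a password reset until it is removed.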

If your business needs help to implement these security measures within Office 365, please reach out to us for guidance.