This site is currently using a generated translation

Who read my email? A tale of ID hijacking

Like in a fairy tale, with a troll, a sudden awakening and a happy ending, we want to tell you about a real company that was hit by an identity theft. Although ID hijacks are common, stories of victims are rarely heard, perhaps because being hijacked is both difficult and a little embarrassing.

Our main character is Johan, a member of the management team of a medium-sized company in the south of our vast country. Our company has a long history in the manufacturing industry with happy employees and satisfied customers. The company has moved with the times and in the last year started to move its IT to the cloud. The solution that was migrated to the cloud consisted of a few file servers, an email server and intranet, which is what most companies have. Like many others, the result was a hybrid solution with both private and public clouds with large and well-known cloud providers.

A gap in security

With the move to the cloud came all the benefits that a cloud move offers. Smoother information sharing and collaboration, no running your own servers, updated systems and applications and a whole host of other goodies. Work went on as usual - maybe even a little better.

One day, Johan discovered that some emails in his inbox were marked as read. "Strange, I haven't read those emails," Johan thought, but didn't make a big deal of it. The thought that he had been the victim of ID hijacking was far from his mind. But it happened again and it became clear that something was not right. Someone had been in and read his emails! The entire work of the management team was leaked outside the company walls: strategies, budgets and launch plans.

When the IT department was brought in, it became painfully obvious that security had been left behind by the move to the cloud and the restructuring of IT. How someone had got hold of Johan's login was impossible to figure out, but unfortunately it was clear that someone had targeted Johan. It wasn't some troll factory in the East that did the ID hijacking or a bot that vacuumed the net for unencrypted data. It was probably someone who knew about the company, perhaps even Johan.

It was time to kick the old man to the curb

The IT department worked diligently and quickly implemented new procedures. The first step was to change passwords. Then two-factor authentication was introduced for logging in with a password and security code sent to the mobile phone. To further protect Johan, a monitoring policy was implemented where the system warns and locks the account if two logins occur at short intervals from different geographical locations. It is not reasonable to log in one moment in Sweden and the next log in from abroad.



SecureIT Guide
In addition, the management team and all key personnel had additional protection activated. To ensure that no one else in the company had been affected, IT searched all systems and read a lot of logs. Fortunately, no further breaches or ID hijacking cases were found. Many of the company's employees also wanted their accounts to be protected. They want to feel safe even if they don't engage in risky behaviour.

New security tools were installed that encrypt sensitive data in the cloud and manage two-factor authentication, password rules and a user monitoring policy. Because we are all human and can sometimes be a little naive and careless.

This is not just a happy ending but the start of a safe journey

Today, safety is on the agenda at all company management meetings. Everyone understands that the new IT landscape requires constant review and vigilance. And security that used to feel clumsy and difficult, became easy and agile with new smart tools. The company now effectively protects its users from identity theft, their devices from intrusion and data from leaking. Security works well in everyday life without limiting the ability to work. IT understands that no one wants to work in locked systems and management sees security as a business-critical management issue.

As an extra measure, the company started to train its staff in IT security, not only how the system works but also how best to avoid unnecessary risks. The training is based on use cases, user scenarios, similar to the company's own operations to ensure relevance and understanding.

Now they can work confidently in the cloud and take full advantage of the digital future. We may never know who hacked Johan's email, but the risk of it happening again to Johan's company is now vanishingly small. So remember to be careful when venturing into the cloud or online, you never know where a troll might be lurking.

At AddPro, we want to protect you from ID hijacking, attacks and threats, while helping you take advantage of all the benefits of a modern way of working. Download our guide here or sign up for our SecureIT workshop as a first step to getting security on the agenda. Prevent the trolls and close the gaps. Sign up here, today, because it's not a good idea to wait.