The phishing scam was able to mimic an employee’s email signature and utilized the employees email account during the attack. The attack was isolated to one employee’s email account.
The phishing scam attack lasted approximately 5 minutes. Once alerted to the issue, Goochland IT staff immediately locked the employee’s hacked account and established new working credentials to eliminate the threat. In addition, Microsoft’s built in defenses kicked in to freeze any and all outbound traffic on the compromised account. No additional County data, files, or sensitive information were compromised during this event.
The County takes its technology security extremely seriously and it is our priority to instill trust to our citizens, employees, and other customers that we operate within a secured and protected environment. County IT staff have located the source of the threat and have blocked any and all of its access to our systems. In addition, the County has taken proactive steps to identify and mitigate any future attacks. These efforts include: additional advanced threat protection layers for both inbound and outbound emails, upgraded spam email protocols and email authentication factors, and are actively engaging additional assistance from Microsoft Support to assist us with this incident.