Chester County government’s computer system was breached via an internet bug that led to intense work by county computer specialists over Presidents Day.
But there was no evidence that county information had been accessed or compromised.
County employees were instructed not to open any attachments in emails that were in their county accounts.
The organization worked to assess the damage the malware had done, if any, where it came from, and which computers it may have affected.
In addition, the county decided to restrict what county employees can use their county-owned computers for – disallowing any personal use during work time to pay bills, read non-work emails, or visit personal websites.
Source: https://www.dailylocal.com/2019/02/20/malware-breach-strikes-chester-county-computers/
TPRM report: https://scoringcyber.rankiteo.com/company/chester-county-government
"id": "che24516223",
"linkid": "chester-county-government",
"type": "Breach",
"date": "02/2019",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"
{'affected_entities': [{'industry': 'Public Administration',
'location': 'Chester County',
'name': 'Chester County Government',
'type': 'Government'}],
'attack_vector': 'Internet bug',
'date_detected': 'Presidents Day',
'description': 'Chester County government’s computer system was breached via '
'an internet bug that led to intense work by county computer '
'specialists over Presidents Day. There was no evidence that '
'county information had been accessed or compromised. County '
'employees were instructed not to open any attachments in '
'emails that were in their county accounts. The organization '
'worked to assess the damage the malware had done, if any, '
'where it came from, and which computers it may have affected. '
'The county decided to restrict what county employees can use '
'their county-owned computers for – disallowing any personal '
'use during work time to pay bills, read non-work emails, or '
'visit personal websites.',
'impact': {'operational_impact': 'Restriction on personal use of county-owned '
'computers'},
'initial_access_broker': {'entry_point': 'Internet bug'},
'investigation_status': 'Ongoing',
'response': {'containment_measures': 'Instructed employees not to open any '
'attachments in emails',
'remediation_measures': 'Restricted personal use of county-owned '
'computers'},
'title': 'Chester County Government Computer System Breach',
'type': 'Malware',
'vulnerability_exploited': 'Unknown'}