Meridian Community College notified that they have been hit by a cyber attack through an employee's email account which has breached some of their personal information.
The compromised information includes name, Social Security number, driver’s license number, passport number, date of birth, username or email and password, medical treatment information or health insurance information.
MCC becomes aware of a phishing incident that resulted in the compromise of certain user credentials, commences investigation, and works with third-party forensics firm.
Investigators cannot rule out access to certain employee email accounts, so MCC begins manually reviewing all emails and attachments in compromised email accounts.
"id": "MER16313423",
"linkid": "meridiancc",
"type": "Breach",
"date": "09/2019",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"