.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
Know Your Breach: Ellington Management Group
Nov 17, 2023 9:17:50 AM
The Target: Investment management firm Ellington Management Group L.L.C.
The Take: Ellington determined that the following general categories of information may have been involved in the incident but are not relevant to every individual impacted: name, date of birth, Social Security number, medical information, and driver’s license number. In only three instances, non-Ellington financial account information may have been impacted.
The Vector: Ellington’s investigation determined that between July 18, 2023 and August 8, 2023, an unauthorized actor had access to a single Ellington email account for the demonstrated purpose of sending phishing emails. Ellington analyzed the email account and did not find any evidence of any data being downloaded, emails being forwarded, or the account being synced to other systems.
As phishing actors continue to explore every potential abuse opportunity on legitimate service providers, novel security gaps constantly threaten to expose users to severe risks. It is essential not to rely solely on email protection solutions, and also scrutinize every email that lands on your inbox, look for inconsistencies, and double-check all claims made in those messages.
