Hackers stole about $4.2 million in funds from the Oklahoma Law Enforcement Retirement System (OLERS) for retired Oklahoma Highway Patrol troopers, according to Claims Journal. OLERS has more than 1,500 retirees and contains more than $1 billion in funds.
The report did not indicate whether OLERS leverages a third-party MSSP (managed security services provider) to monitor and safeguard its network and email systems.
The data breach occurred August 26 after an OLERS employee’s email account was hacked, The Oklahoman reported. No pension benefits to OLERS members or beneficiaries have been impacted or put at risk due to the data breach.
FBI officials are investigating the security incident, and to date, OLERS has recovered about $477,000 of the stolen funds.. Furthermore, OLERS employees are receiving cybersecurity training, The Oklahoman noted.
What Can Organizations Learn from the OLERS Data Breach?
Cybercriminals are targeting all organizations, of all sizes and across all industries. As such, organizations must allocate time and resources to understand their security risks and plan for cyberattacks.
Organizations also can leverage a variety of resources to combat cyberattacks. For example, the U.S. Department of Homeland Security (DHS) recently offered the following recommendations to help organizations protect their data and systems against cyberattacks:
- Conduct frequent backups of systems and files.
- Store all backups on a separate device like an external hard drive to ensure that they are inaccessible from a network and cannot be corrupted during a cyberattack.
- Provide regular, mandatory cybersecurity awareness training sessions to keep employees up to date about evolving cyber threats.
MSSPs can work with organizations to craft custom security strategies as well. In doing so, MSSPs can empower organizations with the support they need to minimize security risks.