By Eduard Kovacs on February 25, 2021
Silicon Valley-based venture capital giant Sequoia Capital said the recently disclosed data breach was apparently the result of a business email compromise (BEC) attack attempt.
The company informed investors last week that their personal and financial information may have been accessed after an employee fell victim to an email phishing attack.
In a data breach notice sent to impacted individuals, a copy of which has been submitted to attorney general’s offices, Sequoia revealed that it learned of unauthorized access to an employee’s business email inbox on January 20, 2021.
The company believes the breach was part of a “wire diversion scam,” which is a type of BEC attack where hackers typically pose as an executive or a trusted vendor and attempt to trick an employee into wiring money to a bank account they control instead of a legitimate account. The fraudulent transaction may be related to paying a vendor, making a large purchase, or making a deposit.
Full Article
https://www.securityweek.com/venture-capital-giant-sequoia-targeted-bec-attackll Article: