SANS Institute is planning to create webinar and training material on the lessons learned in this incident. An employee was tricked by a phishing attack in late July, which gave hackers partial access to the worker’s Office 365 account. SANS found that 500 emails from the employee’s account were forwarded, including emails that exposed the data of 28,000 customers. The personal information in those emails contained details such as names, work titles, company names, industry, industry and country of residence.”]
Source: https://www.cuinfosecurity.com/sans-institute-sees-its-breach-as-teachable-moment-a-14818