top of page

SANs Institute lost 28,000 records of PII



On Aug 6, 2020, the SANS Institute reported a data incident that caused 513 employee emails from Microsoft Outlook 365 to be forwarded to an unknown external email address. SANS Institute specializes in information security, cybersecurity training, and selling certificates. The exposed emails contained 28,000 records of customer personally identifiable information (PII). The data incident was caused by a phishing email that maliciously gave an O365 Add-In access to forward emails to a 3rd party. A representative at SANS stated, “We have identified a single phishing email as the vector of the attack. As a result of the email, a single employee’s email account was affected. Aside from the affected user, we currently believe that no other accounts or systems at SANS were compromised. ”

They stated affected parties have been notified by email and no passwords or account information was lost. You can read more about the incident here.


The important thing to take away from this unfortunate incident is that companies of all sizes can use this as a teachable moment.






HacWare measures risky behaviors and automates personalized cybersecurity education to combat phishing attacks. HacWare's smart technology can reduce your phishing responses by 60%.

Learn more about HacWare at www.hacware.com.

bottom of page