How would your business react to the realization that its company email had been hacked? Here’s how one Toronto firm responded to the situation.
What would you do if hackers had compromised your company’s online identity and sent a fraudulent email purporting to be from your business?
It’s a question Toronto firm J. Goss + Associates was faced with thisweek. As the p.r. and media services company explained on its blog, “atleast one email was bcc’d to a client fraudulently asserting arelationship between J. Goss + Associates and a company we don’t know.”A copy of the fake email is included in the blog posting we’ve linkedto below.
J. Goss + Associates took several steps to deal with the breach,including warning clients and other contacts, changing its Googlepassword and adopting a “double lock.” The company said it’s nowtrying to measure how widespread the data leak is and consultinglawyers “and tech authorities” on what other measures to take.
The firm’s efforts to notify its clients and contacts of the breachwere actually the way we learned of the incident: a warning ofthe leak landed in the Google+ feed of an editor here who’s presumablywithin the cirlce of contacts maintained by the firm or one of itsstaff.
It’s on the list of every company’s worst nightmares. Now we’re askingyou: what would you do? If you’ve already been a victim, how did yourbusiness handle it?