{"id":487,"date":"2023-04-09T05:51:08","date_gmt":"2023-04-09T10:51:08","guid":{"rendered":"https:\/\/kentprotect.com\/?p=487"},"modified":"2023-04-09T06:18:49","modified_gmt":"2023-04-09T11:18:49","slug":"breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800","status":"publish","type":"post","link":"https:\/\/kentprotect.com\/index.php\/2023\/04\/09\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\/","title":{"rendered":"Breach Report: Chippewa County of Wisconsin breach via remote access tool affects 800+"},"content":{"rendered":"<div class='booster-block booster-read-block'><\/div>\n<p class=\"wp-block-paragraph\">(image source: Chippewa County Sheriff\u2019s Office (WEAU), 2023)<\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>One-sentence summary: <\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In February 2023, a Chippewa County HR employee accidentally downloaded a remote access tool, allowing an attacker to potentially breach the sensitive data of over 800+ Wisconsin residents. <\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>Who was involved?<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Chippewa County Human Resources Department&nbsp;employee, Chippewa County Human Resources Department, 842 potential Wisconsin (current or former) residents, and a threat actor. <\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>What was the timeline?<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">February 28, 2023: Threat actor gains initial access to Chippewa County Human Resources Department&nbsp;employee&#8217;s computer via remote access tool<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">March 1, 2023: Breach is detected by the same Chippewa County Human Resources Department&nbsp;employee. The IT department rapidly responds. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">April 4, 2023: Chippewa County reports the breach to HHS<\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>What occurred?<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In February 2023, a Chippewa County HR employee accidentally downloaded a remote access tool through an unknown method, giving a threat actor access to their county endpoint. The same employee noticed potential UI interaction from the threat actor and notified the county IT department that limited their actual access to five minutes (GovernmentTechnology, 2023). Unfortunately, up to 35 MB of data may have been exfiltrated and potentially included &#8220;medical history number, client name, drug prescribed, date signed and the doctor&#8217;s initials&#8221; belonging to over 842 potential Wisconsin residents (GovernmentTechnology, 2023; HHS, 2023). <\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>Estimated costs:<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Associated incident response costs, breach notification costs <\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>Involved laws: <\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Federal: HIPAA and HITECH <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">State: Wisconsin: Wis. Stat. \u00a7 134.98<\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>Root cause: <\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Remote access tool installed by unknown method (potential phishing or drive-by download)<\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>Lessons learned: <\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">User awareness includes non-IT user post-breach awareness to recognize indicators of compromise. Network segmentation also pays off. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Further improvements: <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This incident is a great opportunity for EDR (endpoint detection and response) technologies. EDR could potentially detect the malicious download (i.e., remote access tool) and quarantine it before any access attempts took place. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><em>Example Solutions<\/em><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">CrowdStrike: <a href=\"https:\/\/www.crowdstrike.com\/products\/endpoint-security\/falcon-insight-edr\/\">https:\/\/www.crowdstrike.com\/products\/endpoint-security\/falcon-insight-edr\/<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">SentinelOne: <a href=\"https:\/\/www.sentinelone.com\/blog\/active-edr-feature-spotlight\/\">https:\/\/www.sentinelone.com\/blog\/active-edr-feature-spotlight\/<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Additionally, the is also an opportunity to train employees on cybersecurity user awareness to prevent similar attacks from manifesting from common human methods, such as phishing or drive-by downloads. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><em>Example Solutions<\/em><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Knowbe4&nbsp;<a href=\"https:\/\/www.knowbe4.com\/products\/kevin-mitnick-security-awareness-training\/\">https:\/\/www.knowbe4.com\/products\/kevin-mitnick-security-awareness-training\/<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Proofpoint&nbsp;<a href=\"https:\/\/www.proofpoint.com\/us\/products\/security-awareness-training\">https:\/\/www.proofpoint.com\/us\/products\/security-awareness-training<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Finally, one cannot underestimate the value of 24\/7 MDR (managed detection and response) services, such as a SOC. A SOC could potentially receive and correlate EDR alerts, network logs, as well as email alerts via a SIEM in order to piece together a potential, successful phishing attempt. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><em>Example Solution<\/em><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">CyberConvoy MDR (managed detection and response): <a href=\"https:\/\/cyberconvoy.com\/\">https:\/\/cyberconvoy.com\/<\/a><\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>Sources: <\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Chippewa County Sheriff\u2019s Office (WEAU). (2023, February 6). <em>43UKWCKDKVHLPAN7BQVE2ZHGCM.jpg<\/em>. WEAU 13 News. https:\/\/cloudfront-us-east-1.images.arcpublishing.com\/gray\/43UKWCKDKVHLPAN7BQVE2ZHGCM.jpg<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">GovernmentTechnology. (2023, April 6). <em>Chippewa County, Wis., Officials Report Data Breach<\/em>. GovTech. Retrieved April 9, 2023, from https:\/\/www.govtech.com\/security\/chippewa-county-wis-officials-report-data-breach<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">HHS. (2023, April 4). <em>Breach Portal: Notice to the Secretary of HHS Breach of Unsecured Protected Health Information<\/em>. U.S. Department of Health &amp; Human Services &#8211; Office For Civil Rights. Retrieved April 9, 2023, from https:\/\/ocrportal.hhs.gov\/ocr\/breach\/breach_report.jsf<\/p>\n\n\n\n<p class=\"has-medium-font-size wp-block-paragraph\"><strong>Commentary: <\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This attack is a great example of where a victim can turn around a breach by notifying their employer or IT department of a potential incident. Sure, it is embarrassing to fall victim to a phishing attempt. But so much more damage can be prevented by reporting it. This awareness and responsiveness should be included in user awareness training for end-users (not just preventing breaches). Chippewa County also appears to have a good network segmentation in place to confine the breach to just that employee&#8217;s endpoint. Additionally, this is a great example of government transparency.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"Breach Report: Chippewa County of Wisconsin breach via remote access tool affects 800+\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/YSy0LfgxfYQ?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><figcaption class=\"wp-element-caption\">YouTube\/Blog Notification Post<\/figcaption><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>(image source: Chippewa County Sheriff\u2019s Office (WEAU), 2023) One-sentence summary: In February 2023, a Chippewa County HR employee<\/p>\n","protected":false},"author":4,"featured_media":488,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[68,3,12,439,438,13,76,63,274,445,421,75,61,11,10,77,74,444,14,446,69,71,241,43,72,70,8,27,440,441,124,6,67,443,442,62,15,81,345],"class_list":["post-487","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-breach-report","tag-been-pwned","tag-breach-report","tag-breaches","tag-chippewa","tag-chippewa-county","tag-ciso","tag-cloud","tag-computer-security","tag-computers","tag-county","tag-credit","tag-cyber-security","tag-cybercrime","tag-cybersecurity","tag-dallas","tag-dark-web","tag-data-breach","tag-employee","tag-executive","tag-government","tag-have-been-pwned","tag-have-i-pwned","tag-haveibeenpwned","tag-hipaa","tag-i-been-pwned","tag-i-have-been-pwned","tag-kent-protect","tag-kentprotect","tag-north","tag-northern","tag-phi","tag-phishing","tag-pwned","tag-remote","tag-remote-access","tag-security","tag-summary","tag-texas","tag-wisconsin"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Breach Report: Chippewa County of Wisconsin breach via remote access tool affects 800+ - Kent Protect<\/title>\n<meta name=\"description\" content=\"In February 2023, a Chippewa County HR employee accidentally downloaded a remote access tool, allowing an attacker to potentially breach the sensitive data of over 800+ Wisconsin residents.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kentprotect.com\/index.php\/2023\/04\/09\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Breach Report: Chippewa County of Wisconsin breach via remote access tool affects 800+ - Kent Protect\" \/>\n<meta property=\"og:description\" content=\"In February 2023, a Chippewa County HR employee accidentally downloaded a remote access tool, allowing an attacker to potentially breach the sensitive data of over 800+ Wisconsin residents.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kentprotect.com\/index.php\/2023\/04\/09\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\/\" \/>\n<meta property=\"og:site_name\" content=\"Kent Protect\" \/>\n<meta property=\"article:published_time\" content=\"2023-04-09T10:51:08+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-04-09T11:18:49+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/04\/43UKWCKDKVHLPAN7BQVE2ZHGCM.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1080\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Kyler Kent CISSP\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Kyler Kent CISSP\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/04\\\/09\\\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/04\\\/09\\\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\\\/\"},\"author\":{\"name\":\"Kyler Kent CISSP\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#\\\/schema\\\/person\\\/f9b4d76bd2f5b5559a08ad2e004a1116\"},\"headline\":\"Breach Report: Chippewa County of Wisconsin breach via remote access tool affects 800+\",\"datePublished\":\"2023-04-09T10:51:08+00:00\",\"dateModified\":\"2023-04-09T11:18:49+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/04\\\/09\\\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\\\/\"},\"wordCount\":613,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/04\\\/09\\\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/43UKWCKDKVHLPAN7BQVE2ZHGCM.jpg\",\"keywords\":[\"been pwned\",\"breach report\",\"breaches\",\"chippewa\",\"chippewa county\",\"ciso\",\"cloud\",\"computer security\",\"computers\",\"county\",\"credit\",\"cyber security\",\"cybercrime\",\"cybersecurity\",\"dallas\",\"dark web\",\"data breach\",\"employee\",\"executive\",\"government\",\"have been pwned\",\"have I pwned\",\"haveibeenpwned\",\"HIPAA\",\"I been pwned\",\"I have been pwned\",\"kent protect\",\"kentprotect\",\"north\",\"northern\",\"PHI\",\"phishing\",\"pwned\",\"remote\",\"remote access\",\"security\",\"summary\",\"texas\",\"Wisconsin\"],\"articleSection\":[\"The Breach Report!\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/04\\\/09\\\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/04\\\/09\\\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\\\/\",\"url\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/04\\\/09\\\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\\\/\",\"name\":\"Breach Report: Chippewa County of Wisconsin breach via remote access tool affects 800+ - Kent Protect\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/04\\\/09\\\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/04\\\/09\\\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/43UKWCKDKVHLPAN7BQVE2ZHGCM.jpg\",\"datePublished\":\"2023-04-09T10:51:08+00:00\",\"dateModified\":\"2023-04-09T11:18:49+00:00\",\"description\":\"In February 2023, a Chippewa County HR employee accidentally downloaded a remote access tool, allowing an attacker to potentially breach the sensitive data of over 800+ Wisconsin residents.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/04\\\/09\\\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/04\\\/09\\\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/04\\\/09\\\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\\\/#primaryimage\",\"url\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/43UKWCKDKVHLPAN7BQVE2ZHGCM.jpg\",\"contentUrl\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/43UKWCKDKVHLPAN7BQVE2ZHGCM.jpg\",\"width\":1920,\"height\":1080,\"caption\":\"Chippewa County Wisconsin Sheriffs Office Patch Logo\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/2023\\\/04\\\/09\\\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/kentprotect.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Breach Report: Chippewa County of Wisconsin breach via remote access tool affects 800+\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#website\",\"url\":\"https:\\\/\\\/kentprotect.com\\\/\",\"name\":\"Kent Protect\",\"description\":\"Starring the Breach Report! and other security and cybersecurity series\",\"publisher\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/kentprotect.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#organization\",\"name\":\"Kent Protect\",\"url\":\"https:\\\/\\\/kentprotect.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/cropped-FullLogo_Transparent-1-with-KP-Smaller.png\",\"contentUrl\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/04\\\/cropped-FullLogo_Transparent-1-with-KP-Smaller.png\",\"width\":209,\"height\":161,\"caption\":\"Kent Protect\"},\"image\":{\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/#\\\/schema\\\/person\\\/f9b4d76bd2f5b5559a08ad2e004a1116\",\"name\":\"Kyler Kent CISSP\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/03\\\/Retry-3-150x150.jpg\",\"url\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/03\\\/Retry-3-150x150.jpg\",\"contentUrl\":\"https:\\\/\\\/kentprotect.com\\\/wp-content\\\/uploads\\\/2023\\\/03\\\/Retry-3-150x150.jpg\",\"caption\":\"Kyler Kent CISSP\"},\"description\":\"Kyler Kent is a Senior Cybersecurity Analyst on CrowdStrike\u2019s Falcon Complete MDR team, where he helps large enterprises detect, investigate, and contain real intrusions across cloud and hybrid environments. His work spans threat hunting, incident response, and security automation\u2014turning noisy telemetry into clear, repeatable actions that reduce risk quickly. Previously, Kyler served as a Threat Hunting and Intelligence Specialist supporting a critical infrastructure provider in Dallas, and led security automation and operational coordination at CyberConvoy. He holds a Master\u2019s in Cybersecurity Risk Management from Georgetown University and maintains certifications including CISSP, AWS Solutions Architect \u2013 Professional, AWS Security \u2013 Specialty, and multiple CrowdStrike credentials. He writes to close the gap between \u201cwhat the textbook says\u201d and what analysts actually do on shift with his published book: \\\"SOC Analyst Career Guide\\\" (ISBN-13: 9781835467466). https:\\\/\\\/linktr.ee\\\/kentprotect.com Corrections: corrections@kentprotect.com\",\"sameAs\":[\"http:\\\/\\\/kylerkent.com\"],\"url\":\"https:\\\/\\\/kentprotect.com\\\/index.php\\\/author\\\/kylerkent\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Breach Report: Chippewa County of Wisconsin breach via remote access tool affects 800+ - Kent Protect","description":"In February 2023, a Chippewa County HR employee accidentally downloaded a remote access tool, allowing an attacker to potentially breach the sensitive data of over 800+ Wisconsin residents.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kentprotect.com\/index.php\/2023\/04\/09\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\/","og_locale":"en_US","og_type":"article","og_title":"Breach Report: Chippewa County of Wisconsin breach via remote access tool affects 800+ - Kent Protect","og_description":"In February 2023, a Chippewa County HR employee accidentally downloaded a remote access tool, allowing an attacker to potentially breach the sensitive data of over 800+ Wisconsin residents.","og_url":"https:\/\/kentprotect.com\/index.php\/2023\/04\/09\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\/","og_site_name":"Kent Protect","article_published_time":"2023-04-09T10:51:08+00:00","article_modified_time":"2023-04-09T11:18:49+00:00","og_image":[{"width":1920,"height":1080,"url":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/04\/43UKWCKDKVHLPAN7BQVE2ZHGCM.jpg","type":"image\/jpeg"}],"author":"Kyler Kent CISSP","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Kyler Kent CISSP","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kentprotect.com\/index.php\/2023\/04\/09\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\/#article","isPartOf":{"@id":"https:\/\/kentprotect.com\/index.php\/2023\/04\/09\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\/"},"author":{"name":"Kyler Kent CISSP","@id":"https:\/\/kentprotect.com\/#\/schema\/person\/f9b4d76bd2f5b5559a08ad2e004a1116"},"headline":"Breach Report: Chippewa County of Wisconsin breach via remote access tool affects 800+","datePublished":"2023-04-09T10:51:08+00:00","dateModified":"2023-04-09T11:18:49+00:00","mainEntityOfPage":{"@id":"https:\/\/kentprotect.com\/index.php\/2023\/04\/09\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\/"},"wordCount":613,"commentCount":0,"publisher":{"@id":"https:\/\/kentprotect.com\/#organization"},"image":{"@id":"https:\/\/kentprotect.com\/index.php\/2023\/04\/09\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\/#primaryimage"},"thumbnailUrl":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/04\/43UKWCKDKVHLPAN7BQVE2ZHGCM.jpg","keywords":["been pwned","breach report","breaches","chippewa","chippewa county","ciso","cloud","computer security","computers","county","credit","cyber security","cybercrime","cybersecurity","dallas","dark web","data breach","employee","executive","government","have been pwned","have I pwned","haveibeenpwned","HIPAA","I been pwned","I have been pwned","kent protect","kentprotect","north","northern","PHI","phishing","pwned","remote","remote access","security","summary","texas","Wisconsin"],"articleSection":["The Breach Report!"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/kentprotect.com\/index.php\/2023\/04\/09\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/kentprotect.com\/index.php\/2023\/04\/09\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\/","url":"https:\/\/kentprotect.com\/index.php\/2023\/04\/09\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\/","name":"Breach Report: Chippewa County of Wisconsin breach via remote access tool affects 800+ - Kent Protect","isPartOf":{"@id":"https:\/\/kentprotect.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kentprotect.com\/index.php\/2023\/04\/09\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\/#primaryimage"},"image":{"@id":"https:\/\/kentprotect.com\/index.php\/2023\/04\/09\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\/#primaryimage"},"thumbnailUrl":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/04\/43UKWCKDKVHLPAN7BQVE2ZHGCM.jpg","datePublished":"2023-04-09T10:51:08+00:00","dateModified":"2023-04-09T11:18:49+00:00","description":"In February 2023, a Chippewa County HR employee accidentally downloaded a remote access tool, allowing an attacker to potentially breach the sensitive data of over 800+ Wisconsin residents.","breadcrumb":{"@id":"https:\/\/kentprotect.com\/index.php\/2023\/04\/09\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kentprotect.com\/index.php\/2023\/04\/09\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kentprotect.com\/index.php\/2023\/04\/09\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\/#primaryimage","url":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/04\/43UKWCKDKVHLPAN7BQVE2ZHGCM.jpg","contentUrl":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/04\/43UKWCKDKVHLPAN7BQVE2ZHGCM.jpg","width":1920,"height":1080,"caption":"Chippewa County Wisconsin Sheriffs Office Patch Logo"},{"@type":"BreadcrumbList","@id":"https:\/\/kentprotect.com\/index.php\/2023\/04\/09\/breach-report-chippewa-county-of-wisconsin-breach-via-remote-access-tool-affects-800\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/kentprotect.com\/"},{"@type":"ListItem","position":2,"name":"Breach Report: Chippewa County of Wisconsin breach via remote access tool affects 800+"}]},{"@type":"WebSite","@id":"https:\/\/kentprotect.com\/#website","url":"https:\/\/kentprotect.com\/","name":"Kent Protect","description":"Starring the Breach Report! and other security and cybersecurity series","publisher":{"@id":"https:\/\/kentprotect.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kentprotect.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kentprotect.com\/#organization","name":"Kent Protect","url":"https:\/\/kentprotect.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kentprotect.com\/#\/schema\/logo\/image\/","url":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/04\/cropped-FullLogo_Transparent-1-with-KP-Smaller.png","contentUrl":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/04\/cropped-FullLogo_Transparent-1-with-KP-Smaller.png","width":209,"height":161,"caption":"Kent Protect"},"image":{"@id":"https:\/\/kentprotect.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/kentprotect.com\/#\/schema\/person\/f9b4d76bd2f5b5559a08ad2e004a1116","name":"Kyler Kent CISSP","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/03\/Retry-3-150x150.jpg","url":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/03\/Retry-3-150x150.jpg","contentUrl":"https:\/\/kentprotect.com\/wp-content\/uploads\/2023\/03\/Retry-3-150x150.jpg","caption":"Kyler Kent CISSP"},"description":"Kyler Kent is a Senior Cybersecurity Analyst on CrowdStrike\u2019s Falcon Complete MDR team, where he helps large enterprises detect, investigate, and contain real intrusions across cloud and hybrid environments. His work spans threat hunting, incident response, and security automation\u2014turning noisy telemetry into clear, repeatable actions that reduce risk quickly. Previously, Kyler served as a Threat Hunting and Intelligence Specialist supporting a critical infrastructure provider in Dallas, and led security automation and operational coordination at CyberConvoy. He holds a Master\u2019s in Cybersecurity Risk Management from Georgetown University and maintains certifications including CISSP, AWS Solutions Architect \u2013 Professional, AWS Security \u2013 Specialty, and multiple CrowdStrike credentials. He writes to close the gap between \u201cwhat the textbook says\u201d and what analysts actually do on shift with his published book: \"SOC Analyst Career Guide\" (ISBN-13: 9781835467466). https:\/\/linktr.ee\/kentprotect.com Corrections: corrections@kentprotect.com","sameAs":["http:\/\/kylerkent.com"],"url":"https:\/\/kentprotect.com\/index.php\/author\/kylerkent\/"}]}},"_links":{"self":[{"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/posts\/487","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/comments?post=487"}],"version-history":[{"count":3,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/posts\/487\/revisions"}],"predecessor-version":[{"id":493,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/posts\/487\/revisions\/493"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/media\/488"}],"wp:attachment":[{"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/media?parent=487"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/categories?post=487"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kentprotect.com\/index.php\/wp-json\/wp\/v2\/tags?post=487"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}