jjreisert@alum.mit.edu
Date: Mon, 30 Oct 2017 17:15:34 -0600
John Wenzel, *The Denver Post*, 30 Oct 2017
A phishing scam in June led to the compromised email inboxes, officials said
http://www.denverpost.com/2017/10/30/denver-art-museum-data-breach-800/
The Denver Art Museum warned 800 people this month of a data breach that
included sensitive personal and financial information about its donors,
customers, and current and former employees, according to a letter
obtained by *The Denver Post*.
The letter, dated 9 Oct, informed recipients of the "data security
incident" over the summer, as well as the museum's discovery of the breach
on 13 Sep, which triggered a forensic investigation by an unnamed
third-party firm.
The unauthorized access began on or about 5 Jun, and ended on or about 27
Jun, the letter said. The breach occurred through an email phishing scam
and affected two of the museum's email inboxes, said Andrea Fulton, chief
marketing officer for the Denver Art Museum.
"We have no evidence that anybody's data has been compromised," Fulton
said. "None of our big databases were impacted. It's simply content that
was in a couple of email inboxes."