U.S. State Government Network Breached via Former Employee's Account

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed state government organization's network environment was compromised via an administrator account belonging to a former employee.
"This allowed the threat actor to successfully authenticate to an internal virtual private network (VPN) access point," the agency said in a joint advisory published

access access point account actor administrator agency authenticate breached cisa compromised cybersecurity employee environment government infrastructure infrastructure security internal network organization point private private network security state state government threat threat actor virtual virtual private network vpn