Microsoft Exchange Server Hack Affects Business Across the United States
Posted On: March 11, 2021 in: News & Releases
by Park Bank
Park Bank reminds clients to monitor and confirm their cybersecurity protocols
MADISON, WI (March 10, 2021) — On March 3, Cybersecurity and Infrastructure Security (CISA) alerted the public that Microsoft Exchanges servers’ weaknesses led to stolen emails from at least 30,000 organizations ranging from small businesses to government agencies across the United States. The hack allowed the infiltrator to access the system, allowing entry to files and mailboxes on the server and credentials stored on that system.
“Exploitation of digital vulnerabilities is a top threat to client security and we can only assume that some of our clients use Microsoft Exchange. We want to help them by letting them know about this serious vulnerability and cyber-attack,” said Park Bank Vice President of Information and Cyber Security Jeff Kurek. “We want to help make sure clients are aware of cyber security risks and are able to protect themselves from such an attack.”
The Microsoft Exchange servers breach was first detected in January, escalating in February. CISA issued an emergency warning in early March. Microsoft released emergency security updates to patch the vulnerabilities hackers were using in the 2013 through 2019 versions. Companies and organizations that use Microsoft’s Exchange program should assume their emails were infiltrated and work quickly to install Microsoft’s patches. The cloud-based Exchange Online and Microsoft 365 products were not affected.
“Just because fixes are applied, this does not mean that your servers have not already been compromised,” said Kurek. “What makes this situation tricky is even though you may have the patch installed, you can’t guarantee you haven’t been compromised until you check. It’s critical to check if you were compromised even if you do have the patch installed.”
For more information on how to respond if you believe your system might have been compromised, refer to the following resources:
- Microsoft’s website provides details on how to make the updates to their program.
- Microsoft released an additional set of security updates to apply to older, unsupported Cumulative Updates (CUs) as a temporary measure.
For more information on Park Bank, visit ParkBank.com or call 608.278.2801.
About Park Bank
With convenient locations throughout Dane County, Park Bank blends financial technology with individualized, proactive service in order to help clients achieve their goals. From individuals and families to nonprofits and businesses, Park Bank has over 50 years of experience bringing clients’ ambition to fruition. As the longest-serving Madison-based community bank, Park Bank is driven to create an ever-stronger community through collaboration with nonprofit organizations focused on diversity and inclusion, paid volunteer time for associates to give their time and energy to causes that matter to them, and deepening charitable impact in order to help create positive change in the communities Park serves. Learn more at ParkBank.com or call 608.278.2801 for more information.
We are not endorsing or guaranteeing the products, information, or recommendations provided by the organizations linked from our website. We are not liable for any failure of products or services advertised on those sites. We are not responsible for the validity, collection, use, or security of information by organizations that may be linked to our website. We encourage you to read the privacy policies of websites reached through the use of links from the Park Bank website.