North Pole Cyber Hack

St. Nicholas & Co. disclosed that hackers had breached entry into their database.  Information leaked in the breach includes their employee data, company banking information, and the famous naughty/nice list.  

Naughty List Leaked

The company estimates 200 employees were affected in the breach, and the entire naughty/nice list which includes 7 billion children and parents.  Wuvavi had an exclusive interview with one of the affected employees, Peppermint the Elf.  Peppermint said, “ With the reindeer constantly sending links to cat videos, and inviting guests into the barn for eggnog, they should have expected that our information is at risk.  I’m just tired of all these reindeer games. I’m not sure why management didn’t take security more seriously.”  The goal of the hack seems to be focused on obtaining private information from St. Nicholas & Co stakeholders.

Phishing Targeted Employees

In a letter to stakeholders on Monday, St. Nicholas & Co. Chief Executive, Kris Kringel said that they are working closely with their internal experts and the team at Wuvavi to better understand how the attack took place, and how to prevent similar attacks in the future.  Wuvavi’s review shows attackers likely gained access through a malicious phishing email.  A single employee clicked on a link, but this action installed a virus that quickly spread across the network.  An anonymous source suggested the Grinch was at fault, but no one has claimed responsibility for the attack.  The Grinch denied our request for an interview.

The Future of St. Nicholas & Co. at Risk

The company insists that they will move forward with Christmas as planned, and that children and parents should be confident that they are investing to protect information in the future. St. Nicholas & Co. will begin prevention by rolling out an employee training and phishing platform in January.