A recent hack of the office email was done by someone who was sending emails from an Office 365 account belonging to one of the owners. My personal bet is that they got access via a simple matter of Social Engineering wherein the owner was tricked into giving her login and password to one of those ever-present Phishing emails from "Microsoft Security" telling you to log into your "secure access portal" by clicking a link that takes them into it through the hacker's site while they log in with the hacker watching every entry. This allowed the hacker to reconnect later using what they learned and simply stay connected to the web portal for that user.
The hacker created all kinds of mischief in that person's name by literally staying connected to their Outlook web portal and simply writing emails giving the company financial officers orders to send wire transfers to the hacker's banks. But rather than deleting the conversations afterward, they kept them for some time in the drafts folder. Then when they finally deleted them, it took a while to figure out what I needed to recover were deleted draft emails.
Neat trick and they got away with it for several days before anyone noticed. Even then, it took me a while to realize I needed to search for deleted "drafts".
Some people have suggested that a keylogger was involved but I think it was much simpler than that. Still, I wouldn't mind running a few rootkit/keylogger scans to be safe. I was wondering if anyone knew of some that might be the best to scan with.
I have not dropped in at DC for some time, definitely not since the Holidays so I hope all at DC had a Merry Christmas and a Happy New Year for 2017.