The way the UK auto insurance provider AA handled a data breach in April that revealed client email addresses and part of credit card numbers has drawn harsh criticism.
The data leak from the AA's online store was caused by a server setup error.
Backup files containing orders for maps, automotive accessories, and other goods were made public due to the incident.
The AA acknowledged that orders from AA shops and retailers were impacted by the issue, not sensitive data.
Source: https://securityaffairs.com/60696/breaking-news/aa-data-leak.html
TPRM report: https://scoringcyber.rankiteo.com/company/aa-insurance
"id": "aai334271123",
"linkid": "aa-insurance",
"type": "Data Leak",
"date": "07/2017",
"severity": "25",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'industry': 'Automotive Insurance',
'location': 'United Kingdom',
'name': 'AA',
'type': 'Insurance Provider'}],
'attack_vector': 'Server Misconfiguration',
'data_breach': {'type_of_data_compromised': ['Email addresses',
'Part of credit card numbers']},
'description': 'The way the UK auto insurance provider AA handled a data '
'breach in April that revealed client email addresses and part '
'of credit card numbers has drawn harsh criticism. The data '
"leak from the AA's online store was caused by a server setup "
'error. Backup files containing orders for maps, automotive '
'accessories, and other goods were made public due to the '
'incident. The AA acknowledged that orders from AA shops and '
'retailers were impacted by the issue, not sensitive data.',
'impact': {'brand_reputation_impact': 'Harsh criticism',
'data_compromised': ['Email addresses',
'Part of credit card numbers'],
'systems_affected': ['Online store']},
'title': 'AA Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Server setup error'}