The California Office of the Attorney General disclosed a data breach affecting **Academic Therapy Publications** in October 2021. The incident involved unauthorized access to customer data tied to online transactions, spanning from **December 20, 2017, to September 20, 2021**. The breach, which occurred between **January 6, 2020, and July 25, 2021**, exposed sensitive personal and financial information, including **names, addresses, phone numbers, email addresses, and debit/credit card details**. The compromised data poses significant risks, such as potential financial fraud, identity theft, and phishing attacks targeting affected individuals. While the breach did not involve ransomware or a full-scale system takeover, the exposure of payment card information and personally identifiable details elevates the severity due to the direct financial and reputational harm to customers. The prolonged duration of the breach—both in terms of the exposed data period and the unauthorized access window—further exacerbates the impact, as threat actors had extended opportunities to exploit the stolen information. The company’s failure to detect the intrusion for over a year highlights vulnerabilities in its cybersecurity defenses, raising concerns about compliance with data protection regulations and the adequacy of monitoring systems. Customers impacted by the breach face long-term risks, including unauthorized transactions and misuse of their personal data in secondary attacks.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-546488
TPRM report: https://www.rankiteo.com/company/academic-therapy-publications
"id": "aca950091725",
"linkid": "academic-therapy-publications",
"type": "Breach",
"date": "12/2017",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Individuals with online '
'purchases between December 20, '
'2017, and September 20, 2021',
'industry': 'Education/Publishing',
'location': 'California, USA',
'name': 'Academic Therapy Publications',
'type': 'Company'}],
'data_breach': {'data_exfiltration': 'Yes (unauthorized access to customer '
'data)',
'personally_identifiable_information': ['names',
'addresses',
'phone numbers',
'email addresses'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Payment Information']},
'date_publicly_disclosed': '2021-10-14',
'description': 'The California Office of the Attorney General reported a data '
'breach involving Academic Therapy Publications on October 14, '
'2021. The breach involved unauthorized access to customer '
'information related to online purchases, affecting '
'individuals from December 20, 2017, to September 20, 2021. '
'The compromised information included names, addresses, phone '
'numbers, email addresses, and debit or credit card details, '
'with the breach occurring between January 6, 2020, and July '
'25, 2021.',
'impact': {'data_compromised': ['names',
'addresses',
'phone numbers',
'email addresses',
'debit or credit card details'],
'identity_theft_risk': 'High (PII and payment data exposed)',
'payment_information_risk': 'High (debit/credit card details '
'exposed)'},
'references': [{'date_accessed': '2021-10-14',
'source': 'California Office of the Attorney General'}],
'regulatory_compliance': {'regulations_violated': ['Potential violation of '
'California Consumer '
'Privacy Act (CCPA)',
'Potential violation of '
'Payment Card Industry '
'Data Security Standard '
'(PCI DSS)'],
'regulatory_notifications': 'Reported to California '
'Office of the Attorney '
'General'},
'response': {'communication_strategy': 'Public disclosure via California '
'Office of the Attorney General'},
'title': 'Data Breach at Academic Therapy Publications',
'type': 'Data Breach'}