An unauthorized third-party hacked into American Financial Resources, Inc's computer systems and accessed certain AFR files that contained highly sensitive customer information.
AFR investigated the incident and notified the affected customers but the hackers had already conducted some fraudulent activity related to the sensitive information provided to AFR like identity theft, suspicious credit and/or debit card charges, unauthorized withdrawals from a checking or savings account, requests for government services or loans, or credit accounts fraudulently opened in their name.
Source: https://classlawdc.com/2022/03/25/american-financial-resources-inc-data-breach-investigation/
TPRM report: https://scoringcyber.rankiteo.com/company/american-financial-resources
"id": "ame12331522",
"linkid": "american-financial-resources",
"type": "Breach",
"date": "12/2021",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Financial Services',
'name': 'American Financial Resources, Inc.',
'type': 'Corporation'}],
'attack_vector': 'Unauthorized Access',
'customer_advisories': ['Notified Affected Customers'],
'data_breach': {'personally_identifiable_information': ['High'],
'sensitivity_of_data': ['High'],
'type_of_data_compromised': ['Customer Information']},
'description': 'An unauthorized third-party hacked into American Financial '
"Resources, Inc's computer systems and accessed certain AFR "
'files that contained highly sensitive customer information.',
'impact': {'data_compromised': ['Customer Information'],
'identity_theft_risk': ['High'],
'payment_information_risk': ['High']},
'motivation': 'Financial Gain, Identity Theft',
'response': {'communication_strategy': ['Notified Affected Customers']},
'threat_actor': 'Unauthorized Third-Party',
'title': 'Unauthorized Access to American Financial Resources, Inc.',
'type': 'Data Breach'}