AmeriSave Mortgage Corporation

On December 12, 2019, AmeriSave Mortgage Corporation experienced a data breach reported by the California Office of the Attorney General on January 3, 2020. The incident involved unauthorized third parties gaining access to customer personal information through compromised credentials on a business partner’s system. While the breach exposed various types of personal data, it did not include passwords or security codes. The compromised information may have included sensitive customer details, though the exact scope of the exposed data (e.g., financial records, identification numbers, or contact information) was not fully specified. The breach originated from an external vulnerability in a third-party system, highlighting risks associated with supply chain cybersecurity. No ransomware was involved, and there was no indication of systemic disruption to AmeriSave’s operations or broader financial infrastructure. The primary concern revolved around the unauthorized access and potential misuse of customer data, raising concerns over identity theft, fraud, or reputational harm.

Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-185603

TPRM report: https://www.rankiteo.com/company/amerisave-insurance-services-inc

"id": "ame302091725",
"linkid": "amerisave-insurance-services-inc",
"type": "Breach",
"date": "10/2019",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'industry': 'Mortgage Lending',
                        'location': 'United States (California)',
                        'name': 'AmeriSave Mortgage Corporation',
                        'type': 'Corporation'}],
 'attack_vector': 'Compromised Credentials (Business Partner System)',
 'data_breach': {'data_exfiltration': 'Potential',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'Moderate (excludes passwords/security '
                                        'codes)',
                 'type_of_data_compromised': 'Personal Information'},
 'date_detected': '2019-12-12',
 'date_publicly_disclosed': '2020-01-03',
 'description': 'The California Office of the Attorney General reported a data '
                'breach involving AmeriSave Mortgage Corporation that occurred '
                'on December 12, 2019. Unauthorized third parties accessed '
                'customer personal information through compromised credentials '
                "on a business partner's system, potentially affecting various "
                'personal data but not passwords or security codes.',
 'impact': {'data_compromised': ['Personal Information (excluding passwords or '
                                 'security codes)'],
            'identity_theft_risk': 'Potential',
            'systems_affected': ["Business Partner's System"]},
 'initial_access_broker': {'entry_point': "Business Partner's System "
                                          '(Compromised Credentials)'},
 'references': [{'date_accessed': '2020-01-03',
                 'source': 'California Office of the Attorney General'}],
 'regulatory_compliance': {'regulations_violated': ['California Data Breach '
                                                    'Notification Law'],
                           'regulatory_notifications': ['California Office of '
                                                        'the Attorney '
                                                        'General']},
 'threat_actor': 'Unauthorized Third Parties',
 'title': 'AmeriSave Mortgage Corporation Data Breach (2019)',
 'type': 'Data Breach'}

AmeriSave Mortgage Corporation

Grafana: Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt

Reqrea: Millions Of Hotel Guests' IDs Left Open Online In Massive Security Blunder

Belambra, Gîtes de France and Pierre & Vacances-Center Parcs: Gîtes de France among three booking websites to be hit by cyberattack