On December 27, 2023, the Vermont Office of the Attorney General reported a data breach involving America Works of New York. The incident, linked to a vulnerability in the MOVEit software, potentially affected personal information of employees including names, dates of birth, and Social Security numbers. The breach was discovered on November 30, 2023, with unauthorized access occurring in May 2023.
TPRM report: https://www.rankiteo.com/company/america-works
"id": "ame658080525",
"linkid": "america-works",
"type": "Vulnerability",
"date": "5/2023",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'location': 'New York',
'name': 'America Works of New York',
'type': 'Company'}],
'attack_vector': 'Software Vulnerability',
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['names',
'dates of birth',
'Social Security numbers']},
'date_detected': '2023-11-30',
'date_publicly_disclosed': '2023-12-27',
'description': 'A data breach involving America Works of New York was '
'reported by the Vermont Office of the Attorney General. The '
'incident was linked to a vulnerability in the MOVEit software '
'and potentially affected personal information of employees '
'including names, dates of birth, and Social Security numbers.',
'impact': {'data_compromised': ['names',
'dates of birth',
'Social Security numbers']},
'references': [{'date_accessed': '2023-12-27',
'source': 'Vermont Office of the Attorney General'}],
'title': 'Data Breach at America Works of New York',
'type': 'Data Breach',
'vulnerability_exploited': 'MOVEit software vulnerability'}