Arhaus suffered a data breach that stemmed from a cybersecurity incident in which an unauthorized party accessed sensitive employee information contained on the company’s systems.
The breach compromised the names, driver’s license numbers, Social Security numbers, and financial account numbers of certain employees.
Arhaus investigated the incident and sent out data breach letters to all affected parties.
Source: https://www.jdsupra.com/legalnews/arhaus-confirms-data-breach-affecting-4093873/
TPRM report: https://scoringcyber.rankiteo.com/company/arhaus-furniture
"id": "arh2327171022",
"linkid": "arhaus-furniture",
"type": "Breach",
"date": "07/2022",
"severity": "80",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'name': 'Arhaus', 'type': 'Company'}],
'attack_vector': 'Unauthorized Access',
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Driver’s License Numbers',
'Social Security Numbers',
'Financial Account Numbers']},
'description': 'Arhaus suffered a data breach that stemmed from a '
'cybersecurity incident in which an unauthorized party '
'accessed sensitive employee information contained on the '
'company’s systems. The breach compromised the names, driver’s '
'license numbers, Social Security numbers, and financial '
'account numbers of certain employees. Arhaus investigated the '
'incident and sent out data breach letters to all affected '
'parties.',
'impact': {'data_compromised': ['Names',
'Driver’s License Numbers',
'Social Security Numbers',
'Financial Account Numbers']},
'investigation_status': 'Investigated',
'response': {'communication_strategy': 'Data breach letters sent to all '
'affected parties'},
'title': 'Arhaus Data Breach',
'type': 'Data Breach'}