The California Office of the Attorney General disclosed that ASI Computer Systems suffered a data breach involving unauthorized access to usernames and passwords tied to its customer support website. The incident, initially occurring prior to December 1, 2016, was detected and reported on November 1, 2018, impacting 716 California residents. The breach exposed login credentials, though there was no explicit confirmation of further misuse (e.g., financial fraud or identity theft). ASI responded by deactivating compromised passwords and advising affected users to reset their credentials as a remediation measure. While the breach did not involve highly sensitive data (e.g., financial records, Social Security numbers, or medical information), the exposure of authentication details posed a risk of unauthorized account access, potential phishing attacks, or credential stuffing across other platforms where users may have reused passwords. The incident highlighted vulnerabilities in ASI’s security protocols, particularly around protecting customer support systems and timely breach detection. No evidence suggested the attack escalated beyond credential exposure, but the delay in discovery (nearly two years) raised concerns about monitoring capabilities and incident response efficiency. The company’s corrective actions mitigated immediate risks, though the long-term reputational impact and customer trust erosion remained potential consequences.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-142614
TPRM report: https://www.rankiteo.com/company/asi-corporation
"id": "asi000091825",
"linkid": "asi-corporation",
"type": "Breach",
"date": "12/2016",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'customers_affected': 716,
'industry': 'Technology/Computer Systems',
'location': 'California, USA',
'name': 'ASI Computer Systems',
'type': 'Company'}],
'customer_advisories': ['Users advised to reset passwords'],
'data_breach': {'number_of_records_exposed': 716,
'sensitivity_of_data': 'Medium (authentication credentials)',
'type_of_data_compromised': ['credentials (usernames and '
'passwords)']},
'date_detected': '2018-11-01',
'description': 'The California Office of the Attorney General reported that '
'ASI Computer Systems experienced unauthorized access to '
'usernames and passwords related to a customer support website '
'on November 1, 2018. The incident affected 716 California '
'residents, with the data breach originally occurring prior to '
'December 1, 2016. ASI took remediation actions, including '
'deactivating passwords and advising users to reset their '
'information.',
'impact': {'data_compromised': ['usernames', 'passwords'],
'identity_theft_risk': 'Potential (credentials exposed)',
'systems_affected': ['customer support website']},
'post_incident_analysis': {'corrective_actions': ['Password deactivation',
'User notification for '
'password reset']},
'references': [{'source': 'California Office of the Attorney General'}],
'regulatory_compliance': {'regulatory_notifications': ['California Office of '
'the Attorney '
'General']},
'response': {'containment_measures': ['deactivating compromised passwords'],
'remediation_measures': ['advising users to reset passwords']},
'title': 'Unauthorized Access to ASI Computer Systems Customer Support '
'Website',
'type': 'Data Breach'}