The Vermont Office of the Attorney General reported a data breach involving Blundstone U.S.A., Inc. on September 20, 2024. The breach, which occurred between July 7, 2024, and August 14, 2024, involved an unauthorized third party exploiting a vulnerability in the Adobe Commerce platform, potentially compromising personal information such as names, addresses, and payment card information.
Source: https://ago.vermont.gov/document/2024-09-20-blundstone-data-breach-notice-consumers
TPRM report: https://www.rankiteo.com/company/blundstone-usa
"id": "blu522080425",
"linkid": "blundstone-usa",
"type": "Vulnerability",
"date": "7/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Retail',
'location': 'United States',
'name': 'Blundstone U.S.A., Inc.',
'type': 'Company'}],
'attack_vector': 'Exploitation of Vulnerability',
'data_breach': {'personally_identifiable_information': ['names', 'addresses'],
'type_of_data_compromised': ['names',
'addresses',
'payment card information']},
'date_detected': '2024-08-14',
'date_publicly_disclosed': '2024-09-20',
'description': 'The Vermont Office of the Attorney General reported a data '
'breach involving Blundstone U.S.A., Inc. on September 20, '
'2024. The breach, which occurred between July 7, 2024, and '
'August 14, 2024, involved an unauthorized third party '
'exploiting a vulnerability in the Adobe Commerce platform, '
'potentially compromising personal information such as names, '
'addresses, and payment card information.',
'impact': {'data_compromised': ['names',
'addresses',
'payment card information']},
'references': [{'date_accessed': '2024-09-20',
'source': 'Vermont Office of the Attorney General'}],
'threat_actor': 'Unauthorized third party',
'title': 'Blundstone U.S.A., Inc. Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Adobe Commerce platform vulnerability'}