Bodybuilding.com

The California Office of the Attorney General reported on April 19, 2019, that Vitalize, LLC experienced a data breach on July 5, 2018, involving unauthorized access through a phishing email received. The breach potentially exposed customer names, email addresses, passwords, billing/shipping addresses, phone numbers, order history, birthdates, and BodySpace profile information. Bodybuilding.com confirmed certain customer information may have been affected but stated that full credit/debit card numbers were not stored and therefore not accessed.

Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-146494

TPRM report: https://www.rankiteo.com/company/bodybuilding-com

"id": "bod600072625",
"linkid": "bodybuilding-com",
"type": "Breach",
"date": "7/2018",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'industry': 'Health and Fitness',
                        'name': 'Vitalize, LLC',
                        'type': 'Company'}],
 'attack_vector': 'Phishing',
 'data_breach': {'personally_identifiable_information': ['customer names',
                                                         'email addresses',
                                                         'billing/shipping '
                                                         'addresses',
                                                         'phone numbers',
                                                         'birthdates'],
                 'type_of_data_compromised': ['customer names',
                                              'email addresses',
                                              'passwords',
                                              'billing/shipping addresses',
                                              'phone numbers',
                                              'order history',
                                              'birthdates',
                                              'BodySpace profile information']},
 'date_detected': '2018-07-05',
 'date_publicly_disclosed': '2019-04-19',
 'description': 'The California Office of the Attorney General reported on '
                'April 19, 2019, that Vitalize, LLC experienced a data breach '
                'on July 5, 2018, involving unauthorized access through a '
                'phishing email received. The breach potentially exposed '
                'customer names, email addresses, passwords, billing/shipping '
                'addresses, phone numbers, order history, birthdates, and '
                'BodySpace profile information. Bodybuilding.com confirmed '
                'certain customer information may have been affected but '
                'stated that full credit/debit card numbers were not stored '
                'and therefore not accessed.',
 'impact': {'data_compromised': ['customer names',
                                 'email addresses',
                                 'passwords',
                                 'billing/shipping addresses',
                                 'phone numbers',
                                 'order history',
                                 'birthdates',
                                 'BodySpace profile information']},
 'initial_access_broker': {'entry_point': 'Phishing Email'},
 'references': [{'date_accessed': '2019-04-19',
                 'source': 'California Office of the Attorney General'}],
 'title': 'Vitalize, LLC Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Unauthorized Access'}

Bodybuilding.com

Grafana: Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt

Reqrea: Millions Of Hotel Guests' IDs Left Open Online In Massive Security Blunder

Belambra, Gîtes de France and Pierre & Vacances-Center Parcs: Gîtes de France among three booking websites to be hit by cyberattack