The California State Controller's Office (SCO) reported a data breach on March 23, 2021, involving an employee's email account that was accessed by an unauthorized user from March 18, 2021, to March 19, 2021. The breach potentially exposed personal identifying information including names, addresses, social security numbers, and more, but the exact number of individuals affected is unknown.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-539387
TPRM report: https://www.rankiteo.com/company/california-state-controllers
"id": "cal427072725",
"linkid": "california-state-controllers",
"type": "Breach",
"date": "3/2021",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Public Administration',
'location': 'California, USA',
'name': "California State Controller's Office",
'type': 'Government'}],
'attack_vector': 'Email Account Compromise',
'data_breach': {'personally_identifiable_information': ['Names',
'Addresses',
'Social Security '
'Numbers'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal Identifying '
'Information']},
'date_detected': '2021-03-23',
'date_publicly_disclosed': '2021-03-23',
'description': "The California State Controller's Office (SCO) reported a "
"data breach on March 23, 2021, involving an employee's email "
'account that was accessed by an unauthorized user from March '
'18, 2021, to March 19, 2021. The breach potentially exposed '
'personal identifying information including names, addresses, '
'social security numbers, and more, but the exact number of '
'individuals affected is unknown.',
'impact': {'data_compromised': ['Names',
'Addresses',
'Social Security Numbers']},
'initial_access_broker': {'entry_point': 'Email Account'},
'references': [{'source': "California State Controller's Office"}],
'threat_actor': 'Unauthorized User',
'title': "California State Controller's Office Data Breach",
'type': 'Data Breach'}