A former California state employee downloaded sensitive personal information on thousands of fellow workers, potentially exposing them to identity theft.
The information included Social Security numbers for Department of Fish and Wildlife employees and contractors.
The former employee did not appear to have had malicious intent.
Source: https://www.mercurynews.com/2018/02/16/thousands-of-california-employees-data-exposed/
TPRM report: https://scoringcyber.rankiteo.com/company/california-department-of-fish-and-wildlife
"id": "cal987622",
"linkid": "california-department-of-fish-and-wildlife",
"type": "Breach",
"date": "02/2018",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Thousands of Employees and '
'Contractors',
'industry': 'Government',
'location': 'California, USA',
'name': 'California Department of Fish and Wildlife',
'type': 'Government Agency'}],
'attack_vector': 'Insider Threat',
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': 'Thousands',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Social Security Numbers'},
'description': 'A former California state employee downloaded sensitive '
'personal information on thousands of fellow workers, '
'potentially exposing them to identity theft. The information '
'included Social Security numbers for Department of Fish and '
'Wildlife employees and contractors. The former employee did '
'not appear to have had malicious intent.',
'impact': {'data_compromised': 'Social Security Numbers',
'identity_theft_risk': 'High'},
'motivation': 'Unknown/Non-Malicious',
'threat_actor': 'Former Employee',
'title': 'Data Exfiltration by Former Employee at California Department of '
'Fish and Wildlife',
'type': 'Data Exfiltration',
'vulnerability_exploited': 'Unauthorized Access'}