The California Office of the Attorney General disclosed on May 27, 2022, that Capsule Corporation suffered a data breach on April 5, 2022, where unauthorized actors gained access to certain company accounts. The incident exposed personal information, including demographic data, health records, and limited payment details of an undetermined number of individuals. The breach raised concerns over potential misuse of sensitive data, particularly given the inclusion of health-related information, which could lead to identity theft, financial fraud, or targeted phishing attacks. While the exact scale of the breach remains unclear, the exposure of such data poses significant risks to affected individuals, potentially resulting in long-term reputational damage for the company and regulatory scrutiny under data protection laws like CCPA (California Consumer Privacy Act). The incident underscores vulnerabilities in Capsule Corporation’s cybersecurity defenses, particularly in safeguarding highly sensitive personal and health information from unauthorized access.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-553843
TPRM report: https://www.rankiteo.com/company/capsule-co
"id": "cap138082125",
"linkid": "capsule-co",
"type": "Breach",
"date": "4/2022",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Unknown',
'industry': 'Healthcare (presumed, based on data '
'types)',
'location': 'California, USA',
'name': 'Capsule Corporation',
'type': 'Corporation'}],
'data_breach': {'data_exfiltration': 'Likely (accessed by unauthorized '
'actors)',
'number_of_records_exposed': 'Unknown',
'personally_identifiable_information': 'Yes (demographic and '
'potentially payment '
'data)',
'sensitivity_of_data': 'High (health and payment data)',
'type_of_data_compromised': ['demographic information',
'health information',
'limited payment information']},
'date_detected': '2022-04-05',
'date_publicly_disclosed': '2022-05-27',
'description': 'The California Office of the Attorney General reported that '
'Capsule Corporation experienced a data breach where '
'unauthorized actors accessed certain Capsule accounts. The '
'breach potentially affected personal information, including '
'demographic, health, and limited payment information of '
'unknown numbers of individuals.',
'impact': {'data_compromised': ['demographic information',
'health information',
'limited payment information'],
'identity_theft_risk': 'Potential (unknown scale)',
'payment_information_risk': 'Limited'},
'references': [{'date_accessed': '2022-05-27',
'source': 'California Office of the Attorney General'}],
'regulatory_compliance': {'regulations_violated': ['Potential HIPAA (health '
'data)',
'California Consumer '
'Privacy Act (CCPA)'],
'regulatory_notifications': 'California Office of '
'the Attorney General'},
'response': {'communication_strategy': 'Public disclosure via California '
'Office of the Attorney General'},
'title': 'Capsule Corporation Data Breach (2022)',
'type': 'Data Breach'}