Catholic United Financial

In October 2017, the Washington State Office of the Attorney General disclosed a data breach at Catholic United Financial, which took place between July 31 and August 28, 2017. The incident stemmed from a cyberattack involving malware, compromising the personally identifiable information (PII) of 704 Washington residents. The exposed data included names and Social Security numbers (SSNs), heightening risks of identity theft and financial fraud. The breach was attributed to an external cyber intrusion, though specifics on the attack vector (e.g., phishing, unpatched vulnerabilities) were not detailed. The exposure of SSNs highly sensitive identifiers posed significant long-term threats to affected individuals, including potential fraudulent credit applications, tax fraud, or unauthorized account access. The company likely faced regulatory scrutiny under state data protection laws, alongside reputational damage and potential legal liabilities. Remediation efforts, such as credit monitoring for victims, were not explicitly mentioned in the report.

Source: https://www.atg.wa.gov/data-breach-notifications | https://data.wa.gov/resource/sb4j-ca4h.json?id=9742

TPRM report: https://www.rankiteo.com/company/catholicunitedfinancial

"id": "cat034091825",
"linkid": "catholicunitedfinancial",
"type": "Cyber Attack",
"date": "7/2017",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': '704',
                        'industry': 'Insurance/Financial',
                        'location': 'Washington, USA (residents affected)',
                        'name': 'Catholic United Financial',
                        'type': 'Financial Services'}],
 'attack_vector': 'Malware',
 'data_breach': {'number_of_records_exposed': '704',
                 'personally_identifiable_information': ['Names',
                                                         'Social Security '
                                                         'numbers'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personally Identifiable '
                                              'Information (PII)']},
 'date_publicly_disclosed': '2017-10-06',
 'description': 'The Washington State Office of the Attorney General reported '
                'a data breach involving Catholic United Financial that '
                'occurred between July 31, 2017 and August 28, 2017. The '
                'breach exposed the personally identifiable information (PII) '
                'of approximately 704 Washington residents, including names '
                'and Social Security numbers, as a result of a malware '
                'cyberattack.',
 'impact': {'data_compromised': ['Names', 'Social Security numbers'],
            'identity_theft_risk': 'High (PII exposed)'},
 'references': [{'source': 'Washington State Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': 'Washington State '
                                                       'Office of the Attorney '
                                                       'General'},
 'response': {'communication_strategy': 'Public disclosure via Washington '
                                        'State Attorney General'},
 'title': 'Catholic United Financial Data Breach (2017)',
 'type': 'Data Breach'}

Catholic United Financial

Tinder, Capcom, ElevenLabs and Zendesk: Mass Spam Attacks Leverage Zendesk Instances

Touch ‘n Go: Researchers Hijack Hacker Domain Using Name Server Delegation

LastPass and Amazon Web Services: LastPass Warns of Fake Maintenance Message Tracking Users to Steal Master Passwords